From the Internet Society Newsletter distributed 25 March:
A new working group, Secure Shell, has been formed in the Security
area of the IETF. The goal of the group is to update and standardize
the popular SSH protocol. SSH provides support for secure remote login,
secure file transfer, and secure TCP/IP and X11 forwardings. It can
automatically encrypt, authenticate, and copress transmitted data. The
WG will attempt to assure that the SSH protocol:
-- provides strong security against cryptanalysis and protocol attacks,
-- can work reasonably well without a global key management or
certificate infrastructure,
-- can utilize existing certificate infrastructures (e.g., DNSSEC,
SPKI, X.509) when available,
-- can be made easy to deploy and take into use,
-- requires minimum or no manual interaction from users,
- is reasonably clean and simple to implement.
The resulting protocol will operate over TCP/IP or other reliable but
insecure transport. It is intended to be implemented at the application
level.
Chair of the WG is Perry Metzger (perry@piermont.com).