OpenSSH 10.4/10.4p1 Released(openssh.org) |
OpenSSH 10.4/10.4p1 Released(openssh.org) |
When pq key agreement was added in 2019, it took almost 3 years for it to become enabled by default. This isn't criticism, just an observation. I don't have a pressing need for pq sigs. Always happy for new OpenSSH releases though!
The draft was only published a few months ago:
* https://datatracker.ietf.org/doc/draft-miller-sshm-mldsa44-e...
The draft is a 'personal document', so not associated with the IETF/WG.
Anyone know if these projects accept PRs to improve these kinds of things, like legibility? Or is it a point of pride?
* https://man.openbsd.org/ssh_config.5#MACs
* https://man.openbsd.org/sshd_config.5#MACs
ETM, encrypt-than-mac, variants are at the front of the preference list.