**Session Date/Time:** 23 Jul 2025 07:30

# sshm

## Summary

This meeting covered the status of existing documents, adoption calls for new drafts, and discussions of post-quantum cryptography and file transfer protocols. Key discussions revolved around the SSH Agent Protocol draft, the strict KEX draft, SSH Certificates and AES-GCM, and the SFTP drafts. A decision was made regarding the strict KEX draft and potential future versions of SSH. The group also explored various approaches for handling post-quantum cryptographic proposals, while emphasizing the importance of deployments and implementation.

## Key Discussion Points

* **SSH Agent Protocol:** A plea was made for more reviews of the SSH Agent Protocol draft to facilitate its progression.
* **Strict KEX:** The discussion centered on whether to bump the SSH version number due to the strict KEX proposal, considering compatibility issues and potential future protocol updates.
* **SSH Certificates and AES-GCM:** Damien Miller provided updates and answered questions on the SSH Certificates and AES-GCM drafts, highlighting their significance.
* **SFTP:** Debate on the baseline SFTP version for standardization (version 3 vs. version 6), with emphasis on compatibility and feature sets.
* **Post-Quantum Cryptography:** Discussion on how to handle post-quantum proposals, balancing the desire to support forward-looking technologies with the current IETF focus on widely deployed technologies.
* **SSH Signatures (SSH-Sig):** Noted to have significant public adoption through Git, but outside the core SSH protocol. The working group needs to ensure that progressing it will not require a recharter.
* **Post-Quantum Signature Algorithms:** Discussion of whether to use hybrid algorithms, or wait and see where the space ends up. Need for algorithms for authentication because people need to have moved before 2030, when putting things into things might be less easy.
* **CCA versus CPA KEMs:** Brief discussion on the merits of Chosen-Ciphertext Attack (CCA) vs Chosen-Plaintext Attack (CPA) Key Encapsulation Mechanisms (KEMs), with encouragement for more input on the main mailing list.
* **Security Proof of Hybrid SSH:** A presentation was given on the security analysis of hybrid SSH implementations, highlighting security guarantees against quantum attackers.

## Decisions and Action Items

* **Strict KEX Versioning:** The working group decided *not* to bump the SSH version number within the strict KEX draft. Instead, a separate draft defining SSH 2.1 will be created in the future, encompassing strict KEX and other features for a modern SSH implementation.
* **SFTP:** The chairs will check if it will be possible to clear the copy in relation to version 13 of the SFTP draft to make it easier to use as a version 6 draft.
* **SFTP:** The working group will discuss the document structure further on the mailing list, with a plan to either publish two documents covering versions 3 and 6, or one document including version 6 as an appendix.
* **SFTP:** The chairs will also look into doing some preparation work for version 6 and try to find someone to write the specification of version 6.
* **SSH Agent Protocol:** Encouragement to read and comment on the draft to make progress with standardization.

## Next Steps

* Issue working group last call for the ChaCha20-Poly1305 and ML-KEM Hybrid KEX documents.
* Authors of relevant post-quantum drafts to consider whether they want their drafts to be adopted by the working group.
* Continue discussion on post-quantum cryptography approaches and concrete plans for relevant drafts.
* The AD will look into ensuring that progressing SSH-SIG does not require a recharter.
* Discussions around the best way to specify SFTP: one document or two.
* The AD will contact the authors of the SFTP drafts regarding next steps.