GSS-API Key Exchange with SHA2

Document Type Replaced Internet-Draft (individual)
Authors Simo Sorce  , Hubert Kario 
Last updated 2016-12-13
Replaced by RFC 8732
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-ietf-curdle-gss-keyex-sha2
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document specifies additions and amendments to SSH GSS-API Methods [RFC4462]. It defines a new key exchange method that uses SHA-2 for integrity and deprecates weak DH groups. The purpose of this specification is to modernize the cryptographic primitives used by GSS Key Exchanges.


Simo Sorce (
Hubert Kario (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)