Re: [Anima] I-D Action: draft-ietf-anima-grasp-13.txt - SONN
Uma Chunduri <uma.chunduri@huawei.com> Fri, 09 June 2017 17:58 UTC
From: Uma Chunduri <uma.chunduri@huawei.com>
To: William Atwood <william.atwood@concordia.ca>, "anima@ietf.org" <anima@ietf.org>, Toerless Eckert <tte@cs.fau.de>, Michael Richardson <mcr+ietf@sandelman.ca>
Date: Fri, 09 Jun 2017 17:58:33 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/N-nKvbGKBSkXmKcR_lnv9508dmg>
Subject: Re: [Anima] I-D Action: draft-ietf-anima-grasp-13.txt - SONN
Agree with Bill below.

As a co-author of the pair-wise key drafts https://www.ietf.org/archive/id/draft-chunduri-karp-using-ikev2-with-tcp-ao-06.txt & https://tools.ietf.org/html/draft-mahesh-karp-rkmp-05, or adaptation of IKEv2 for TCP-AO, I can say there was a lot of effort done in KARP for this. However, eventually the KARP WG decided routing protocols don't need an automated key exchange protocol for either pair-wise or group keying (out of KARP charter) and the effort was not progressed.

I am not fully clear on the exact requirements in the current context (*) but can answer any specific questions around usage of IKEv2 other than IPSec.

--
Uma C.

* I don't closely follow all Anima WG posts, Sorry!

-----Original Message-----
From: Anima [mailto:anima-bounces@ietf.org] On Behalf Of William Atwood
Sent: Thursday, June 08, 2017 1:04 PM
To: anima@ietf.org; Toerless Eckert <tte@cs.fau.de>; Michael Richardson <mcr+ietf@sandelman.ca>
Subject: Re: [Anima] I-D Action: draft-ietf-anima-grasp-13.txt - SONN

Toerless,

The idea to extend IKEv2 for "wider scope" negotiation can certainly be seen in the KARP documents. In this case:

1) for unicast negotiation, the protocols being keyed include IPsec and TCP-AO
2) for multicast negotiation, the base model was GDOI (adapted to IKEv2), but an election procedure was added

The addition is because GDOI's administratively-assigned group controller/key server was not suitable for a negotiation whose scope was a single network segment. KARP needed something that would work on its own. Sounds as if "autonomic" would be a good descriptor for this case...

Unfortunately, these two documents never made it past the "draft-author" stage. However, they were well-enough defined that I have a student who has formally validated some of their security properties.

documents (all four that I believe are pertinent):

draft-mahesh-karp-rkmp
draft-hartman-karp-mrkmp
draft-yeung-g-ikev2
draft-chunduri-karp-using-ikev2-with-tcp-ao

Bill

On 08/06/2017 2:25 PM, Toerless Eckert wrote:
> Thanks, Michael:
>
> Any examples of how IKEv2 is used to negotiate other non-IPsec protocols ?
>
> [ I have not found examples describing the use of IKE(v2) for dissimilar
> crypto associations outside of IPsec, except for maybe RFC4595. If i
> wanted for example to negotiate between 802.1ae or IPsec, i wonder what
> amount of trouble/work that would be to define that as an IKEv2 extension
> vs. defining this just as a GRASP negotiation in TLS. ]
>
> Yes, we just made up TLS, and yes, if we can't come to a conclusion that
> IKEv2 is not the most feasible approach (see above for my concerns),
> TLS may potentially also not be the most widely accepted transport
> given the constrained IoT world's preference to use CoAP/dTLS if i am not mistaken.
>
> In any case this discussion seems to point to the need to take the more
> intelligent negotiation out of the ACP document into a separate draft
> where we can continue to ponder and decide on the best option. Right ?
>
> Eg: Maybe a "lightweight heterogeneous security association negotiation mechanism"
> would have to be GRASP/CoAP/dTLS. and the negotiation functions should
> definitely be able to argue how they did inherit or differ from IKEv2.
>
> In the end this may simply be a more strategic modularization
> direction, to reuse evolving building blocks eg: IKEv2 was built as a
> silo when there were no widely adopted initial security association protocols like TLS/dTLS.
> And the message formats used in IKEv2 were predating evolving
> industry preferences over a reuse of request/response exchange
> standards such as those of HTTP/CoAP/(hopefully GRASP) or encoding rules such as those of XML or JSON/CBOR.
>
> If using IKEv2 to negotiate into eg: 802.1ae would be easier and make
> adoption easier, i'd be all for it. Past experience just makes me
> think this to be less likely.
>
> Wrt to IP in dTLS:
>
> This would of course only be a candidate ACP channel. For negotiation
> we would not need IP, it would just be GRASP/(d)TLS or GRASP/CoAP/dTLS.
>
> We had the argument in Chicago or before whether it would be necessary to have a
> 1 paragraph separate document to state that IP packets can be carried
> in dTLS, and i thought we did in the meeting come to the conclusion
> that that was not necessary. But that may have been premature. I was looking at:
> draft-mavrogiannopoulos-openconnect-00. That certainly is mostly
> complexity because it combines TLS for connection negotiation and dTLS for the data.
> Gee, i wonder why they didn't use IKEv2 ;-))
>
> Nevertheless: Would be interesting to find the most simple RFC example
> of an application protocol that just uses dTLS to have an example of
> what dTLS parameters one would need to specify.
>
> (i assume OpenVPN is just an implementation of the openconnect mechanism,
> right ?, i have not used it myself but just linux openconnect and
> Cisco Anyconnect)
>
> Btw: Eric recommended to take a look at https://tools.ietf.org/html/draft-ietf-dprive-dtls-and-tls-profiles-09 as a recent example of how to specify security profiles for (d)TLS.
>
> Cheers
> toerless
>
> On Wed, Jun 07, 2017 at 10:36:09PM -0400, Michael Richardson wrote:
>>
>> Toerless Eckert <tte@cs.fau.de> wrote:
>> > So, in some near term future, ANI/ACP is so successful that we
>> > have four possible ACP channel protocols: IPsec, IPsec/GRE, dTLS and
>> > 802.1ae
>>
>> That's only three, btw.
>> And the answer is that you'd use IKEv2 to negotiate which one of them
>> to use, because IKEv2 was designed *SPECIFICALLY* to do this kind of thing.
>>
>> > a) We need a security association before we negotiate so the negotiation does
>> > not become an attack vector. Solution: We build a TLS
>> > connection
>>
>> You just assumed TLS.
>> If you can assume TLS, I can assume IKEv2, and save a lot more code,
>> and pages less
>>
>> And you have to assume TLS 1.3 (so you need new code and new
>> libraries on every device). The process will still be susceptible to
>> trivial TCP RST attacks. So please add some security for that part too!
>>
>> >> 2) We have no meaningful specification for IP over *TLS thing.
>> >> (by that, I mean a deployed protocol with an RFC and widespread
>> >> implementation.)
>>
>> > The negotiation is just GRASP inside TLS. No IP needed.
>>
>> I'm talking about the "dTLS" option above you just named.
>> What is it? "IP in DTLS" isn't anywhere near enough.
>> Why not add OpenVPN to the list too?
>> At least it has widely used, extensively tested reference code, even
>> if it has no public specification.
>>
>> Some developer in Mumbai will still have no idea what that means.
>> Is there an IXIA or SPIRENT module so that I can test it at 10G? or 100G?
>> That's a serious objection: you can't just make stuff up like that.
>>
>> >> 3) I have been trying to understand the MACsec KMP, as some would like to run
>> >> the ACP over MACsec. I originally was led to believe that there was no
>> >> KMP, but after finding the full specifications, it's clear that there is
>> >> support for PSK and other things and even IDevID are mentioned.
>> >> I'd still like to suggest that we negotiate the use of MACsec (or of some
>> >> yet-to-be-well-defined IP over TLS) via IKEv2. It's not at all hard, and
>> >> if IKEv2 is the MTI, then we need it implemented anyway. An IKEv2 minimal
>> >> implementation can be very small; lwig has some good advice, but it
>> >> assumes initiator only, and we need both.
>> >>
>> >> I can not see a purpose for SONN, and I do not think we can do a proper
>> >> security analysis, and it forces TLS to be MTI. SONN will therefore add
>> >> a significant (3-5 pages) of text on how to use TLS properly.
>>
>> > Would be great if you could point me to some example RFC where something like
>> > this ("how to use TLS appropriately") is done!
>>
>> I think that the Opportunistic Security specification,
>> https://tools.ietf.org/html/rfc7435
>> tried to do this. I'm not a TLS guy, so go ask one of them.
>>
>> --
>> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
>> -= IPv6 IoT consulting =-
>>
>
> _______________________________________________
> Anima mailing list
> Anima@ietf.org
> https://www.ietf.org/mailman/listinfo/anima
>

--
Dr. J.W. Atwood, Eng.                          tel:   +1 (514) 848-2424 x3046
Distinguished Professor Emeritus               fax:   +1 (514) 848-2830
Department of Computer Science and Software Engineering
Concordia University EV 3.185                  email: william.atwood@concordia.ca
1455 de Maisonneuve Blvd. West                 http://users.encs.concordia.ca/~bill
Montreal, Quebec Canada H3G 1M8