IETF Logo Mail Archive

Re: [babel] hmac info model elements

Toke Høiland-Jørgensen <toke@toke.dk> Thu, 03 January 2019 20:59 UTC

Return-Path: <toke@toke.dk>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 16EBD130F04 for <babel@ietfa.amsl.com>; Thu, 3 Jan 2019 12:59:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=toke.dk
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6g8_Mz-_gXjE for <babel@ietfa.amsl.com>; Thu, 3 Jan 2019 12:59:00 -0800 (PST)
Received: from mail.toke.dk (mail.toke.dk [52.28.52.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 416BA126BED for <babel@ietf.org>; Thu, 3 Jan 2019 12:59:00 -0800 (PST)
From: Toke Høiland-Jørgensen <toke@toke.dk>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=toke.dk; s=20161023; t=1546549107; bh=Zzh4Gk6nFQr0SKALMQb5PP02ua0uVmDKgoKGLn7Bycs=; h=From:To:Subject:In-Reply-To:References:Date:From; b=dR5VKE1TviUICQq3RAe2zlRbMzAmYg0fmb2UdOEN6o+CKo6NVTxDogOCl0a54eb9f cJinipxg7A5FCaLsKRwyzlIcEyRDGMAzR7mVLYvTsuwrva7rD9h4XPcwYynjl17Cw4 NCtdLJa6CyXoNiBmYrsKJmRggo7xdyRMwEA03OdFlpfUnA632oyrTxBr9JaausmZyL 8EObdNojIHeDBAUXIUsY7oHcKkOmJ4LG9DSaU3Zn94t99hu+RA76VLs8pMbRvyXDHw aedHVZRXi4oGOUzKKURgLJvs5TSbRloeyWMTQXdY7B7Ta/tDUw40KRKnjnon/8Owyg vhzpmq/5d2+aQ==
To: "STARK, BARBARA H" <bs7652@att.com>, Babel at IETF <babel@ietf.org>
In-Reply-To: <2D09D61DDFA73D4C884805CC7865E6114DF7EECB@GAALPA1MSGUSRBF.ITServices.sbc.com>
References: <2D09D61DDFA73D4C884805CC7865E6114DF7EECB@GAALPA1MSGUSRBF.ITServices.sbc.com>
Date: Thu, 03 Jan 2019 21:58:25 +0100
X-Clacks-Overhead: GNU Terry Pratchett
Message-ID: <87a7khxxu6.fsf@toke.dk>
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/mgYo662oQ_JVyeSXhTmp2oZR6K8>
Subject: Re: [babel] hmac info model elements
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Jan 2019 20:59:03 -0000

"STARK, BARBARA H" <bs7652@att.com> writes:

> I'm looking at what's needed in the info model for HMAC.
>
> I don't think the Index and PC of the Interface and Neighbor tables need to (or should) be exposed in the info model.
> We had discussed previously that keys should not be readable -- only add and delete keys. In this case, it's good for a non-readable parameter to have a "nickname" or index to reference it with. And it can be useful to know when the key was added. In my experience, these sorts of shared keys are modeled as strings.
> Appendix A (incremental deployment and key rotation) indicates it should be possible to configure a mode where authenticated packets are sent but all packets are accepted.
> Multiple HMAC algorithms are possible. The draft doesn't say how the nodes know which algorithm is being used (if multiple are implemented). The draft does say that only one HMAC is calculated per key. Is it assumed the algorithm choice is configured?
> Should the challenge expiry timer be configurable?
> I've decided to have completely separate HMAC and DTLS objects, because they're very different now that I have detailed designs to work with.
> I'm adding an "operation" datatype to support key and cert manipulation. This is intended to be consistent with YANG "action" datatype.
>
> Proposed HMAC model:
> add to top level information-obj:
> babel-hmac-algorithms (enumerated list of supported HMAC computation algorithms)
>
> security-hmac-obj
>   security-hmac-enable (boolean: enable / disable this instance)
>   security-hmac-mode (Boolean: do or don't authenticate received
> packets)

How do those two interact?

>   security-hmac-algorithm (string: one of the supported HMAC algorithms)
>   security-interfaces (string list of references to interfaces-obj: the interfaces this instance applies to; if empty, it applies to all interfaces)
>   security-add-hmac-key (operation: inputs (reference name, key))  
>      hmac-key-obj

IMO, we'll need two per-key booleans as well: "use for authentication"
and "use for signing". They should be set independent of each other.

-Toke

v2.23.0 | Report a Bug | By Email