IETF Logo Mail Archive

Re: [btns] Minor connection-latch problem in AUTH48

"Laganier, Julien" <julienl@qualcomm.com> Mon, 19 October 2009 21:59 UTC

Return-Path: <julienl@qualcomm.com>
X-Original-To: btns@core3.amsl.com
Delivered-To: btns@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 66FE33A6981 for <btns@core3.amsl.com>; Mon, 19 Oct 2009 14:59:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.71
X-Spam-Level:
X-Spam-Status: No, score=-103.71 tagged_above=-999 required=5 tests=[AWL=-1.111, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oFlKO-PLOdlN for <btns@core3.amsl.com>; Mon, 19 Oct 2009 14:59:30 -0700 (PDT)
Received: from wolverine02.qualcomm.com (wolverine02.qualcomm.com [199.106.114.251]) by core3.amsl.com (Postfix) with ESMTP id 42A073A69AB for <btns@ietf.org>; Mon, 19 Oct 2009 14:59:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=qualcomm.com; i=julienl@qualcomm.com; q=dns/txt; s=qcdkim; t=1255989577; x=1287525577; h=from:to:cc:date:subject:thread-topic:thread-index: message-id:references:in-reply-to:accept-language: content-language:x-ms-has-attach:x-ms-tnef-correlator: acceptlanguage:content-type:content-transfer-encoding: mime-version:x-ironport-av; z=From:=20"Laganier,=20Julien"=20<julienl@qualcomm.com> |To:=20Nicolas=20Williams=20<Nicolas.Williams@sun.com> |CC:=20"btns@ietf.org"=20<btns@ietf.org>|Date:=20Mon,=201 9=20Oct=202009=2014:59:31=20-0700|Subject:=20RE:=20[btns] =20Minor=20connection-latch=20problem=20in=20AUTH48 |Thread-Topic:=20[btns]=20Minor=20connection-latch=20prob lem=20in=20AUTH48|Thread-Index:=20AcpQ3X0dFfgmz/SlTImNd+X DyrqwhAADjoCw|Message-ID:=20<BF345F63074F8040B58C00A186FC A57F1C648C9F4D@NALASEXMB04.na.qualcomm.com>|References: =20<20091015221608.GC907@Sun.COM>=0D=0A=20<BF345F63074F80 40B58C00A186FCA57F1C2A67DF98@NALASEXMB04.na.qualcomm.com> =0D=0A=20<20091016203953.GQ892@Sun.COM>=0D=0A=20<BF345F63 074F8040B58C00A186FCA57F1C2A67DFC1@NALASEXMB04.na.qualcom m.com>=0D=0A=20<20091016211652.GV892@Sun.COM>=0D=0A=20<BF 345F63074F8040B58C00A186FCA57F1C2A67DFD7@NALASEXMB04.na.q ualcomm.com>=0D=0A=20<20091019164014.GF892@Sun.COM> |In-Reply-To:=20<20091019164014.GF892@Sun.COM> |Accept-Language:=20en-US|Content-Language:=20en-US |X-MS-Has-Attach:|X-MS-TNEF-Correlator:|acceptlanguage: =20en-US|Content-Type:=20text/plain=3B=20charset=3D"us-as cii"|Content-Transfer-Encoding:=20quoted-printable |MIME-Version:=201.0|X-IronPort-AV:=20E=3DMcAfee=3Bi=3D"5 300,2777,5776"=3B=20a=3D"25609620"; bh=LZde4+6kCXiFjUAfiXbk1KTWdU0ANvXLKz4OaH7Oj50=; b=PB32xlwjv2ys6+SRGPvXYxWpYYwHSS9c/BcI3Uc008kAVo55n1ko9i8W /cpZNT9gPrckdPyXNDnB1T5l/jrHRBcyUINweilCmBCwa9z/rMEdvYk+p /DSrZPsyoMJjCHNe3dzgN5eT6DYpbCdTz8UjAEogMrerRgBT/Mxsih7OA 4=;
X-IronPort-AV: E=McAfee;i="5300,2777,5776"; a="25609620"
Received: from pdmz-ns-mip.qualcomm.com (HELO ithilien.qualcomm.com) ([199.106.114.10]) by wolverine02.qualcomm.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 19 Oct 2009 14:59:37 -0700
Received: from msgtransport01.qualcomm.com (msgtransport01.qualcomm.com [129.46.61.148]) by ithilien.qualcomm.com (8.14.2/8.14.2/1.0) with ESMTP id n9JLxbbt004937 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Mon, 19 Oct 2009 14:59:37 -0700
Received: from nasanexhub03.na.qualcomm.com (nasanexhub03.na.qualcomm.com [10.46.93.98]) by msgtransport01.qualcomm.com (8.14.2/8.14.2/1.0) with ESMTP id n9JLxaSE017156 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Mon, 19 Oct 2009 14:59:37 -0700
Received: from nasanex14h01.na.qualcomm.com (10.46.94.107) by nasanexhub03.na.qualcomm.com (10.46.93.98) with Microsoft SMTP Server (TLS) id 8.2.176.0; Mon, 19 Oct 2009 14:59:36 -0700
Received: from nalasexhc03.na.qualcomm.com (10.47.129.194) by nasanex14h01.na.qualcomm.com (10.46.94.107) with Microsoft SMTP Server (TLS) id 14.0.639.21; Mon, 19 Oct 2009 14:59:36 -0700
Received: from NALASEXMB04.na.qualcomm.com ([10.47.7.114]) by nalasexhc03.na.qualcomm.com ([10.47.129.194]) with mapi; Mon, 19 Oct 2009 14:59:33 -0700
From: "Laganier, Julien" <julienl@qualcomm.com>
To: Nicolas Williams <Nicolas.Williams@sun.com>
Date: Mon, 19 Oct 2009 14:59:31 -0700
Thread-Topic: [btns] Minor connection-latch problem in AUTH48
Thread-Index: AcpQ3X0dFfgmz/SlTImNd+XDyrqwhAADjoCw
Message-ID: <BF345F63074F8040B58C00A186FCA57F1C648C9F4D@NALASEXMB04.na.qualcomm.com>
References: <20091015221608.GC907@Sun.COM> <BF345F63074F8040B58C00A186FCA57F1C2A67DF98@NALASEXMB04.na.qualcomm.com> <20091016203953.GQ892@Sun.COM> <BF345F63074F8040B58C00A186FCA57F1C2A67DFC1@NALASEXMB04.na.qualcomm.com> <20091016211652.GV892@Sun.COM> <BF345F63074F8040B58C00A186FCA57F1C2A67DFD7@NALASEXMB04.na.qualcomm.com> <20091019164014.GF892@Sun.COM>
In-Reply-To: <20091019164014.GF892@Sun.COM>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "btns@ietf.org" <btns@ietf.org>
Subject: Re: [btns] Minor connection-latch problem in AUTH48
X-BeenThere: btns@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Better-Than-Nothing-Security Working Group discussion list <btns.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/btns>, <mailto:btns-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/btns>
List-Post: <mailto:btns@ietf.org>
List-Help: <mailto:btns-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/btns>, <mailto:btns-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Oct 2009 21:59:31 -0000

Hi Nico,

Nicolas Williams wrote:
> 
> OK, this way the changes are much smaller and localized -- only the
> description of CREATE_CONNECTION_LATCH() changes, to:
> 
>    o  CREATE_CONNECTION_LATCH(5-tuple, [type and quality-of-protection
>       parameters], [peer ID], [local ID]) -> latch handle | error
> 
>          If a) the requested latch does not exist (or exists, but is in
>          the CLOSED state), b) all the latch parameters are provided, or
>          if suitable SAs exist in the SAD from which to derive them, and
>          c) if there are no conflicts with the SPD and SAD, then this
>          creates a connection latch in the ESTABLISHED state.  If the
>          latch parameters are not provided and no suitable SAs exist in
>          the SAD from which to derive those parameters, then the key
>          manager MUST initiate child SAs, and if need be, IKE_SA, from
>          which to derive those parameters.
> 
>          The key manager MAY delay the child SA setup and return
>          immediately after the policy check, knowing that the ULP that
>          requested the latch will subsequently output a packet that
>          will trigger the SA establishment.  Such an implementation may
>          require an additional state in the connection latch state
>          machine, a "LARVAL" state, that is not described herein.
> 
>          If the connection latch ultimately cannot be established,
>          either because of conflicts or because no SAs can be
>          established with the peer at the destination address, then an
>          error is returned to the ULP.  (If the key manager delayed SA
>          establishment, and SA establishment ultimately fails, then the
>          key manager has to inform the ULP, possibly asynchornously.
>          This is one of several details that implementors who use a
>          LARVAL state must take care of.)
> 
> How's that?
> 
> This way the change is small enough that it wouldn't have required WG
> discussion.  I should have thought of this.  Thanks Julien!

Hmm. Better, but somehow I'd rather take the 2 last paragraphs about the "larval" state completely out, because right now it IMHO says either too much or too less. It's not precise enough to tell an implementer who hasn't followed that discussion what to do yet it outlines at alternative to the key manager establishing the SA straight and the ULP latching the connection on the SA.

If you want to keep the "larval" text in, I've did some wordsmithing below that you might want to consider:
 
>          The key manager MAY delay the child SA setup and return
>          immediately after the policy check, knowing that the ULP that
>          requested the latch will subsequently output a packet that
>          will trigger the SA establishment.  Such an implementation may
>          require an additional transient state in the connection latch state
>          machine, a "LARVAL" state, to which the connection is latched pending
>          establishment of the SA. The "LARVAL" state is not described further herein.
> 
>          If the connection latch ultimately cannot be established,
>          either because of conflicts or because no SAs can be
>          established with the peer at the destination address, then an
>          error is returned to the ULP.  (Note that if the key manager delayed SA
>          establishment, and SA establishment ultimately fails, then the
>          key manager has to inform the ULP, possibly asynchronously.
>          This is one of several details that implementers who use a
>          LARVAL state must take care of.)

--julien

v2.23.0 | Report a Bug | By Email