Re: [btns] Minor connection-latch problem in AUTH48

Nicolas Williams <> Mon, 19 October 2009 16:51 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 8F6F83A6836 for <>; Mon, 19 Oct 2009 09:51:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.382
X-Spam-Status: No, score=-4.382 tagged_above=-999 required=5 tests=[AWL=-0.750, BAYES_40=-0.185, HELO_MISMATCH_COM=0.553, RCVD_IN_DNSWL_MED=-4]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id I+htnHucoqHg for <>; Mon, 19 Oct 2009 09:51:34 -0700 (PDT)
Received: from (sca-ea-mail-2.Sun.COM []) by (Postfix) with ESMTP id A71963A681E for <>; Mon, 19 Oct 2009 09:51:32 -0700 (PDT)
Received: from ([]) by (8.13.7+Sun/8.12.9) with ESMTP id n9JGpdBO007240 for <>; Mon, 19 Oct 2009 16:51:39 GMT
Received: from binky.Central.Sun.COM (binky.Central.Sun.COM []) by (8.13.8+Sun/8.13.8/ENSMAIL, v2.2) with ESMTP id n9JGpdgW030692 for <>; Mon, 19 Oct 2009 10:51:39 -0600 (MDT)
Received: from binky.Central.Sun.COM (localhost []) by binky.Central.Sun.COM (8.14.3+Sun/8.14.3) with ESMTP id n9JGeGji003141; Mon, 19 Oct 2009 11:40:16 -0500 (CDT)
Received: (from nw141292@localhost) by binky.Central.Sun.COM (8.14.3+Sun/8.14.3/Submit) id n9JGeEnc003140; Mon, 19 Oct 2009 11:40:14 -0500 (CDT)
X-Authentication-Warning: binky.Central.Sun.COM: nw141292 set sender to using -f
Date: Mon, 19 Oct 2009 11:40:14 -0500
From: Nicolas Williams <>
To: "Laganier, Julien" <>
Message-ID: <20091019164014.GF892@Sun.COM>
References: <20091015221608.GC907@Sun.COM> <> <20091016203953.GQ892@Sun.COM> <> <20091016211652.GV892@Sun.COM> <>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <>
User-Agent: Mutt/1.5.7i
Cc: "" <>
Subject: Re: [btns] Minor connection-latch problem in AUTH48
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Better-Than-Nothing-Security Working Group discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 19 Oct 2009 16:51:35 -0000

OK, this way the changes are much smaller and localized -- only the
description of CREATE_CONNECTION_LATCH() changes, to:

   o  CREATE_CONNECTION_LATCH(5-tuple, [type and quality-of-protection
      parameters], [peer ID], [local ID]) -> latch handle | error

         If a) the requested latch does not exist (or exists, but is in
         the CLOSED state), b) all the latch parameters are provided, or
         if suitable SAs exist in the SAD from which to derive them, and
         c) if there are no conflicts with the SPD and SAD, then this
         creates a connection latch in the ESTABLISHED state.  If the
         latch parameters are not provided and no suitable SAs exist in
         the SAD from which to derive those parameters, then the key
         manager MUST initiate child SAs, and if need be, IKE_SA, from
         which to derive those parameters.

         The key manager MAY delay the child SA setup and return
         immediately after the policy check, knowing that the ULP that
         requested the latch will subsequently output a packet that will
         trigger the SA establishment.  Such an implementation may
         require an additional state in the connection latch state
         machine, a "LARVAL" state, that is not described herein.

         If the connection latch ultimately cannot be established,
         either because of conflicts or because no SAs can be
         established with the peer at the destination address, then an
         error is returned to the ULP.  (If the key manager delayed SA
         establishment, and SA establishment ultimately fails, then the
         key manager has to inform the ULP, possibly asynchornously.
         This is one of several details that implementors who use a
         LARVAL state must take care of.)

How's that?

This way the change is small enough that it wouldn't have required WG
discussion.  I should have thought of this.  Thanks Julien!