Re: [CGA-EXT] [dhcwg] Follow up request for review of draft-ietf-csi-dhcpv6-cga-ps

Tony Cheneau <tony.cheneau@it-sudparis.eu> Tue, 14 September 2010 22:08 UTC

Return-Path: <tony.cheneau@it-sudparis.eu>
X-Original-To: cga-ext@core3.amsl.com
Delivered-To: cga-ext@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 585CE3A69A1; Tue, 14 Sep 2010 15:08:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.249
X-Spam-Level:
X-Spam-Status: No, score=-2.249 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_FR=0.35]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NWl+C2wcvOia; Tue, 14 Sep 2010 15:08:27 -0700 (PDT)
Received: from smtp4.int-evry.fr (smtp4.int-evry.fr [157.159.10.71]) by core3.amsl.com (Postfix) with ESMTP id 494A43A677C; Tue, 14 Sep 2010 15:08:27 -0700 (PDT)
Received: from smtp2.int-evry.fr (smtp2.int-evry.fr [157.159.10.45]) by smtp4.int-evry.fr (Postfix) with ESMTP id 3B01EFE0B50; Wed, 15 Sep 2010 00:08:52 +0200 (CEST)
Received: from smtp-ext.int-evry.fr (smtp-ext.int-evry.fr [157.159.11.17]) by smtp2.int-evry.fr (Postfix) with ESMTP id 813F440505B; Wed, 15 Sep 2010 00:05:13 +0200 (CEST)
Received: from localhost (alf94-6-82-226-232-167.fbx.proxad.net [82.226.232.167]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by smtp-ext.int-evry.fr (Postfix) with ESMTP id 18BD42C18A89; Wed, 15 Sep 2010 00:08:43 +0200 (CEST)
Date: Wed, 15 Sep 2010 00:08:42 +0200
From: Tony Cheneau <tony.cheneau@it-sudparis.eu>
To: Ted Lemon <Ted.Lemon@nominum.com>
Message-ID: <20100915000842.667d28ae@it-sudparis.eu>
In-Reply-To: <57452427-8824-4736-A8EF-022B3157935A@nominum.com>
References: <21C043C9-FE72-44F4-97A9-4684384F013D@gmail.com> <57452427-8824-4736-A8EF-022B3157935A@nominum.com>
X-Mailer: Claws Mail 3.7.6 (GTK+ 2.20.1; x86_64-pc-linux-gnu)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-INT-MailScanner-Information: Please contact the ISP for more information
X-INT-MailScanner-ID: 813F440505B.A731E
X-INT-MailScanner: Found to be clean
X-INT-MailScanner-SpamCheck: n'est pas un polluriel, SpamAssassin (not cached, score=2.319, requis 6.01, BAYES_00 -2.60, HELO_LOCALHOST 3.94, RCVD_IN_SORBS_DUL 0.88, RDNS_DYNAMIC 0.10)
X-INT-MailScanner-SpamScore: ss
X-INT-MailScanner-From: tony.cheneau@it-sudparis.eu
Cc: "dhcwg@ietf.org Group" <dhcwg@ietf.org>, cga-ext@ietf.org, Droms <rdroms.ietf@gmail.com>, Ralph@core3.amsl.com
Subject: Re: [CGA-EXT] [dhcwg] Follow up request for review of draft-ietf-csi-dhcpv6-cga-ps
X-BeenThere: cga-ext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: CGA and SeND Extensions <cga-ext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/cga-ext>, <mailto:cga-ext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/cga-ext>
List-Post: <mailto:cga-ext@ietf.org>
List-Help: <mailto:cga-ext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cga-ext>, <mailto:cga-ext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Sep 2010 22:08:28 -0000

Hello Ted,

> This idea doesn't make sense to me from a security perspective--based
> on my probably naive understanding of CGA, it seems like this would
> mean that the private key would have to be sent over the wire in the
> clear.
I apology for not speaking for this draft directly (I only read the
draft a long time ago). However, for a CGA to be computed (remotely or
locally), you only need few public parameters (subnet prefix, public
key and such).
Actually, the CGA document (RFC 3972) makes no use of the private key
during the CGA generation and verification process. This is why you
usually need SEND (or a similar mechanism) to achieve the proof of
ownership (through a signature realized by the private key).
So, as long as the public/private key are generated on the node, I
would say that you will not need to communicate the private key (in
clear or in a ciphered form).

Hope it helps.

Regards,
	Tony