Re: [dhcwg] preliminary comments on draft-ietf-dhc-sedhcpv6-17

[Lishan Li <lilishan48@gmail.com>]

2016-11-15 1:24 GMT+08:00 神明達哉 <jinmei@wide.ad.jp>:

> At Tue, 15 Nov 2016 00:16:41 +0800,
> Lishan Li <lilishan48@gmail.com> wrote:
>
> > >> Alternatively, we might add both an EA-id and SA-id fields to the
> > >> option:
> > >>
> > >>     0                   1                   2                   3
> > >>     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
> > >>    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> > >>    |      OPTION_CERTIFICATE       |         option-len            |
> > >>    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> > >>    |            EA-id              |            SA-id              |
> > >>    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> > >>    |                                                               |
> > >>    .                  Certificate List(variable length)            .
> > >>    |                                                               |
> > >>    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> > >> (I'm not sure if this has to be a list of certificates instead of one
> > >> certificate, but that's a different question).
> > >
> > >
> > >> And we can use a value of 0 for EA-id and SA-id to mean this
> > >> certificate is not supposed to be used for encryption and signature,
> > >> respectively.  (The combination of 0, 0 makes no sense so we should
> > >> probably prohibit the use of it explicitly).
> > >>
> > > [LS]: So, there is no need to define a new field. The EA-id and SA-id
> are
> > > used to identify the certificate type.
>
> If you use this approach, correct.  Note, however, that I'm not
> necessarily pushing a particular approach at this time.  I'm just
> showing various possible approaches for discussion.  You may want to
> consider pros and cons of these approaches yourself.
>
> > > And the certificate list field should be changed to certificate field.
> If
> > > multiple
> > > certificates are contained, then multiple certificate option is
> contained.
>
> Regarding this, I'm not sure.  Basically the choice of EA-id and SA-id
> should be fixed (it should be the most preferred one for the server,
> and it's known that the client supports it), so the question is
> whether we want to make it possible to include multiple different
> certificates for that combination of EA and SA.  That sounds to me
> like an unlikely scenario in practice, although being flexible/generic
> itself is not necessarily bad.
>
> > [LS]: In this way, the certificate option and Signature option all
> contain
> > the SA-id field. And the content of the two SA-ids are same.
>
> Yes (otherwise the recipient should treat it as an error condition).
>
> BTW this makes me notice one related issue: it doesn't seem to be
> possible for a server to identify the private key to decrypt the
> message contained in an Encrypted-message Option contained in the
> Encrypted-Query message unless it tries all private keys it might be
> used.
>
[LS]: The private key which is corresponding to the public key for
encryption
algorithm is used for decryption. After sending the Reply message, the
message
transaction-id is used as the identifier of the private key for decryption.