IETF Logo Mail Archive

Re: [dhcwg] preliminary comments on draft-ietf-dhc-sedhcpv6-17

Lishan Li <lilishan48@gmail.com> Fri, 02 December 2016 15:53 UTC

Return-Path: <lilishan48@gmail.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F1380129542 for <dhcwg@ietfa.amsl.com>; Fri, 2 Dec 2016 07:53:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.449
X-Spam-Level:
X-Spam-Status: No, score=-2.449 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4vY-y486OokZ for <dhcwg@ietfa.amsl.com>; Fri, 2 Dec 2016 07:53:05 -0800 (PST)
Received: from mail-qt0-x235.google.com (mail-qt0-x235.google.com [IPv6:2607:f8b0:400d:c0d::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8B29C12952C for <dhcwg@ietf.org>; Fri, 2 Dec 2016 07:53:05 -0800 (PST)
Received: by mail-qt0-x235.google.com with SMTP id p16so254825948qta.0 for <dhcwg@ietf.org>; Fri, 02 Dec 2016 07:53:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=04AvwgCUwoXIQ/j5a8Y2xpMo34TPfIfEHVJa05ZkUWs=; b=moolZ3pfS9IjAXgy6+UTSFoLPDnwJY49rYAP5LYmv8eNZDRM7WLglkExjcdpI2ejy6 7yN6DXgJ/+NuzDfrxIo4kgYPYPfolz3PqSc+yYeqV+n1WEmnt8YUUXCMwJvXdJXztNfl vvqayvWHlbsxJop8hg/JqKYzzHHDbG7gdggHbffLLFnB4ysxpVg3Wppi0wePaZl3QoYA UHZmZYp+sj10oVMmGOeoGFXKYc6xhwQQckkRHGgtABSLLoV23TVeU4iV5cGF7Iv2lbAU BAUF3IVwq2k/kFRvKREq0FeN58O0EQclP4wKzx3TDcsGY90qFB48MGEnvw4kUDw5QLuS 6CWA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=04AvwgCUwoXIQ/j5a8Y2xpMo34TPfIfEHVJa05ZkUWs=; b=LoDZmc0Kt7oDryD9KpEb38bRjTwsAeWuHOzQHLnupfAeJt7Gc6FuZvvqe4VplptoRw q/8ATqOf2On6Rlws9EHaZB1wXhWCUtbyeV9Wg/oy8iqYXSd2TPR9QsJPP3A6RRG/M+xk S0xdu9yJmgadUQi/+3w5l+IUyBoFvsy9VGd7df34iNA7xPUPnvCNgUk4F6qKn4QRZ3W7 9uqjTf6mtZbJ5sWH6MazzdGyWuGkn2yI404VLYriUMbNcm+AvKlD3G3WiYkkmqCjM2TJ inyE8+JnjU/YwlLUZXOrLWKAzxZI32AkYsSPeWKPu8FtdF5avEw2Qux4b+m6IrgDY2Rv 7/2g==
X-Gm-Message-State: AKaTC03QqZS9Uc23QCyvVqw0I2CuVlWzeiycP10d9SnmibPZ4aDfhDzs/9V5R3wj0gppuO8G4kYzC4iXmNYh6g==
X-Received: by 10.200.36.46 with SMTP id c43mr37681134qtc.260.1480693984605; Fri, 02 Dec 2016 07:53:04 -0800 (PST)
MIME-Version: 1.0
Received: by 10.237.36.211 with HTTP; Fri, 2 Dec 2016 07:53:03 -0800 (PST)
In-Reply-To: <CAPt1N1nU=jQBh+9BOU3jcugYaeCwmh2r9a1YNdBX_7aBJRGDQQ@mail.gmail.com>
References: <CAJE_bqebwr2WUUgaNgiYS4_8L77Gxj4Os+oPRG407B6ELMEhCQ@mail.gmail.com> <CAJ3w4Ndi5Gq63n5kZnanRhLM8nWE2wsWGh0kJJLJnq=VoXLuCg@mail.gmail.com> <CAJE_bqegh1DfWjfK2BxeC_fWa0cEk-KJNP0AT-TQuEa39w_wVQ@mail.gmail.com> <CAJ3w4NdM99nv4C19Xj=aosNme+_Ymyys=xQ3UWUfeZReZC4ckA@mail.gmail.com> <CAJE_bqdhGZnK16MooiyujDgthDNnR74EiwW0OevrN6uq4b4ANw@mail.gmail.com> <CAJE_bqfKUZe2yaW1sAq7rrib0M7wz28HHtPLqCHK=vXcN6amgg@mail.gmail.com> <CAJ3w4Nd3s+ZojjiotLkKwys6truhUgK6F-90UYjcpB9iw=fKKQ@mail.gmail.com> <m2r36nuqvn.wl%jinmei.tatuya@gmail.com> <CAJ3w4NeuNYTrX4p5rtZ6UceD5ydQ-B-vY6aqQzxWnXsrDOEFEA@mail.gmail.com> <CAJE_bqdh-bgk7BHZJnaFFBr3PDj4ZnSSGeGNdQ70F7dv91iQrA@mail.gmail.com> <CAJ3w4NfU9PrC9a+MGnJ=Es1yir_asHB3p1=9GfxZZ0iSe+At+Q@mail.gmail.com> <CAJE_bqfRBYkrniWQ+vtPULTURnvyV792QNGvr8JhhZpGQ0MSdA@mail.gmail.com> <CAJ3w4NerRzHYsRqcUAkAjHX23PYVF4Jv0wKcd33vXRRg+-0EAQ@mail.gmail.com> <CAJ3w4NekPk0TuAZW_jmTDYQHd8JP3GsrA0qrKYrnyqSSk3qwxw@mail.gmail.com> <CAJE_bqc8hkrc3dYefTPWi-mUCtZD+oYsrobCK1KjmVGRnNfMCw@mail.gmail.com> <CAJ3w4NejrFAT3RK7i0W46HkQNJjhPxbhzQiL=3fcrceidTzHNQ@mail.gmail.com> <CAJE_bqcCwZWPHuZ0UR8_jyCUsaTrYKzLD8zUKwChYaCL06yT9A@mail.gmail.com> <CAJ3w4NfS8PKOMHcP5s_Nsp5K5eWJfXWRF-vNEau_ekqTRwE=wA@mail.gmail.com> <CAJE_bqfqSXFR9R5wf1USg-zs+nvdohQFq99kQL2DiapXvUdEqA@mail.gmail.com> <CAJ3w4Ncj40JwrW6UB+TVFvymByU5Y9iFv5QroWhwUzkLrS2DTg@mail.gmail.com> <CAJE_bqd38grUh9q57a-H29GsMx5Dpv9VE0iBMO7v_-y97zZZUg@mail.gmail.com> <CAJ3w4Ne63cnqoeTZk=PDmAN9+i6jwzyxbK+up45wB9h+xUDSfw@mail.gmail.com> <CAJE_bqceK7YLpMqhgjqrFQh7641a+ZRcnO0F6p6BiM8EMKmA7w@mail.gmail.com> <CAJ3w4Nf65b1zo-smMguZBc_-RbFh2y8kk7Fnu__TKCQEVbs48w@mail.gmail.com> <CAJE_bqeVciLxS_q=deRKLBr12ZGXxx2wdFiztJxJjfS7aAV2Ag@mail.gmail.com> <CAJ3w4NcvyeuRWJatGGH7U4g413GQvr9LHtDiX13zSOz7kBGEhw@mail.gmail.com> <CAJE_bqfFOhe26huAP8_BFKjnTXbG4F0vUfMYs5Xy=3RQigS7FA@mail.gmail.com> <CAJ3w4Ne81LVsaznu_yck7fG7iJyGm=WY4=i2AF8gx39Tf59eMA@mail.gmail.com> <CAJE_bqceRD2+vkfwR+Egr=CgyAT4wd1Wmxp1S=f3WRFGs9j4sg@mail.gmail.com> <CAJ3w4NcnAe3Enhs6KVgBkpa+BivLGRw9SGJ1RmAq7q=HM8Ph6Q@mail.gmail.com> <CAJE_bqcTpK0j_yfza3KPavEgdcpk2z+ZivZt8Hs1m2NrE7_scA@mail.gmail.com> <CAJ3w4NfEqpZu+fYO_1A06bVT2Qzqc1qyTi_NkKrBjWGCJGwJVA@mail.gmail.com> <CAJE_bqeXr02-9f5MrntfhmgQfNF=F9h+A62TBR-C4tAxcRDx-g@mail.gmail.com> <CAJ3w4NfoebD1PnE82AwVz0s5s7y5pCoaX3ATJWtAa37aOej9hw@mail.gmail.com> <CAJE_bqeBawJ4c36y19zNZuCX--WK0A8mjhqviwHesawpXqr_tA@mail.gmail.com> <CAJ3w4Ne7BHLVuoo86kiKLRxre6VtoQ6HSAa3O+CbE4B30V3hAA@mail.gmail.com> <CAPt1N1nU=jQBh+9BOU3jcugYaeCwmh2r9a1YNdBX_7aBJRGDQQ@mail.gmail.com>
From: Lishan Li <lilishan48@gmail.com>
Date: Fri, 02 Dec 2016 23:53:03 +0800
Message-ID: <CAJ3w4NfiLA4uPF_Q2oGuPdJaG6NUvGwkv4w4LK_znx4RV179oA@mail.gmail.com>
To: Ted Lemon <mellon@fugue.com>
Content-Type: multipart/alternative; boundary="001a113f4312f94aea0542aeee30"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/KvRA9LdWy7CWShMKgjv1op7JcRM>
Cc: "dhcwg@ietf.org" <dhcwg@ietf.org>, 神明達哉 <jinmei@wide.ad.jp>
Subject: Re: [dhcwg] preliminary comments on draft-ietf-dhc-sedhcpv6-17
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Dec 2016 15:53:09 -0000

Dear Ted, Jinmei,

Thanks a lot for your guidance and help to complete the draft. I have
summarized the discussion content. Looking forward to your further guidance.

1. Algorithm negotiation method
Before version:
Through the Reply message, the server informs the client of the encryption,
signature, hash algorithms list; And then the client selects one
encryption,
signature, hash algorithm from the algorithms list for the future
communication.

The disadvantage:
The Reply message contains the algorithms list. So, the Reply message
contains multiple certificate options, signature options. For different
encryption algorithms, the certificate is different. And for the different
hash and signature algorithms, the signature is also different.

So, we made the following update:
+-------------------+                           +--------------------+
|DHCPv6 Client|                            |DHCPv6 Server|
+-------------------+                           +--------------------+
      |            Information-request           |

      |-------------------------------------------->|
      |             Algorithm option               |
      |           Option Request option       |
      |                                                     |
      |                    Reply                        |
      |<-------------------------------------------|
      |             Certificate option              |
      |             Signature option               |
      |          Increasing-number option   |
      |         Server Identifier option         |

(1) Define a new option: Algorithm option which contains the encryption,
signature, hash algorithms list.
Firstly, the client informs the server of the algorithms lists, and then
the server selects the algorithms from the lists. In this way, just only
one certificate, signature is contained.
(2) Delete the AlgorithmNotSupported error status code;
The algorithm option must contain the mandatory algorithms, so there is
no case that the server does not support the informed algorithms.


2. For server: The Identifier of the private key for decryption
Before version:
The server may have multiple public/private key pairs for multiple clients.
The transaction ID is used as the identifier of the private key for
decryption.
Firstly, the server informs the client of the certificate in the Reply
message and record the relationship of the key pair and the transaction ID.

The disadvantage:
The Encrypted-Query and Encrypted-Response messages must use the same
transaction-id of the Information-request and Reply message. And the
multiple clients may be using the same transaction-id.

So, we made the following update:
Add the Encryption Key Tag option to identify the used public/private
key pair. The Encrypted-Query message contains the Encryption Key Tag
option. The Encryption Key Tag option is calculated by the public key,
as the fingerprint of the public key.
For the calculation method, Jinmei thinks that it should be defined in
our document. In this way, the server can first calculate all the
key tag of the key pair locally. And then the server compares the
received key tag with it to find the corresponding private key for
decryption. In this way, the calculation method is also needed to
complete.
And my opinion is that: For the first Encrypted-Query
message, the server can try all the possible private keys and then
establishes the relationship of the Key Tag and the key pair.

3. For client: The identifier of the private key for decryption
Before version: Not Define the identifier of the private key;

Lishan's option: The client only uses one public/private key pair
with the DHCPv6 server. So there is no need to define a new
identifier;
Jinmei's opinion: This is based on the fact that: The
client only communicates with only one DHCPv6 server for configuration.
And there is no such restriction in the base protocol(RFC 3315 and bis)

Update: Add the description that: During the DHCPv6 configuration process,
the client MUST only use one certificate to establish the encrypted
communicate with the DHCPv6 server.

4. error status code
Before version: 1. If the server receives the solicit message without
the certificate option, the server sends the encrypted UnspecFail
error status code to the client.
2. If the server receives the Encrypted-Query message and decryption
fails, then sends the encrypted DecryptionFail error status code to
the client.

Issue: For the above two cases, the server cannot know the public
key of the client, there is no way to send the encrypted Reply
message to the client.

Update: The server just drops the message without sending the
error status code to them.


Best Regards,
Lishan

2016-12-02 21:55 GMT+08:00 Ted Lemon <mellon@fugue.com>:

> Can I ask, where are you guys on this?   There's been so much
> discussion that I've lost the thread.   Is anybody producing a summary
> of issues?
>
> On Fri, Dec 2, 2016 at 1:34 AM, Lishan Li <lilishan48@gmail.com> wrote:
> > 2016-12-02 3:44 GMT+08:00 神明達哉 <jinmei@wide.ad.jp>:
> >>
> >> At Thu, 1 Dec 2016 19:46:06 +0800,
> >> Lishan Li <lilishan48@gmail.com> wrote:
> >>
> >> > > This didn't answer my question.  Could you first answer the
> question?
> >> > > If there's no such restriction in the base protocol, we cannot
> assume
> >> > > it and can't assume it in designing sedhcpv6.
> >> > >
> >> > [LS]: I just think that it is a default fact. Could you please give an
> >> > example that the client communicates with two DHCPv6 servers
> >> > for the address configuration in the same time?
> >>
> >> I don't have an example; I already noted it would be unlikely in
> >> practice.  My point is that unless the restriction is specified in the
> >> protocol we can't design a new protocol implicitly assuming that
> >> restriction.  Otherwise someone may deploy the service with violating
> >> the assumption, and we cannot blame them as it's invalid.  We should
> >> either:
> >> 1. design the protocol (=sedhcpv6) so it can work without the
> >>   assumption, or
> >> 2. explicitly state it's a restriction that this protocol assumes
> >>
> >> BTW, on thinking about the reconfigure case more, I realized that
> >> including a key tag option for the client public key in the Encrypted
> >> Reply is probably a bad idea, as it could be used for client-tracking.
> >> So, in the end, option #2 above may be the least bad option anyway.
> >> The assumed restriction wouldn't be that restrictive in practice, and
> >> the client can still try all possible key pairs (if it uses multiple
> >> pairs) in the rare corner cases.
> >
> > [LS]: Agree. Then in this version, we adds the assumption description
> > clearly.
> >
> > Best Regards,
> > Lishan
> >
> > _______________________________________________
> > dhcwg mailing list
> > dhcwg@ietf.org
> > https://www.ietf.org/mailman/listinfo/dhcwg
> >
>

v2.23.0 | Report a Bug | By Email