[Gen-art] Gen-ART HIP drafts (base and esp) review
Black_David@emc.com Mon, 20 November 2006 05:47 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gm1zg-0001MA-9H; Mon, 20 Nov 2006 00:47:00 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gm1zf-0001HV-HS for gen-art@ietf.org; Mon, 20 Nov 2006 00:46:59 -0500
Received: from mexforward.lss.emc.com ([128.222.32.20]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Gm1zb-0008Pz-5J for gen-art@ietf.org; Mon, 20 Nov 2006 00:46:59 -0500
Received: from mailhub.lss.emc.com (uraeus.lss.emc.com [10.254.144.14]) by mexforward.lss.emc.com (Switch-3.1.7/Switch-3.1.7) with ESMTP id kAK5kgRw014545; Mon, 20 Nov 2006 00:46:42 -0500 (EST)
Received: from corpussmtp3.corp.emc.com (corpussmtp3.corp.emc.com [10.254.64.53]) by mailhub.lss.emc.com (Switch-3.1.8/Switch-3.1.7) with ESMTP id kAK5jtwY008993; Mon, 20 Nov 2006 00:46:22 -0500 (EST)
From: Black_David@emc.com
Received: from CORPUSMX20A.corp.emc.com ([128.221.62.11]) by corpussmtp3.corp.emc.com with Microsoft SMTPSVC(6.0.3790.1830); Mon, 20 Nov 2006 00:46:21 -0500
X-MIMEOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Mon, 20 Nov 2006 00:46:20 -0500
Message-ID: <F222151D3323874393F83102D614E055068B8895@CORPUSMX20A.corp.emc.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Gen-ART HIP drafts (base and esp) review
Thread-Index: AccMZzPEFieko+krQ7GIQtjJO4uoSA==
To: gen-art@ietf.org, rgm@icsalabs.com, pekka.nikander@nomadiclab.com, petri.jokela@nomadiclab.com, thomas.r.henderson@boeing.com
X-OriginalArrivalTime: 20 Nov 2006 05:46:21.0312 (UTC) FILETIME=[34F71000:01C70C67]
X-PMX-Version: 4.7.1.128075, Antispam-Engine: 2.4.0.264935, Antispam-Data: 2006.11.19.211432
X-PerlMx-Spam: Gauge=, SPAM=0%, Reason='EMC_BODY_1+ -3, EMC_FROM_0+ -2, NO_REAL_NAME 0, __C230066_P5 0, __CP_URI_IN_BODY 0, __CT 0, __CTE 0, __CTYPE_CHARSET_QUOTED 0, __CT_TEXT_PLAIN 0, __HAS_MSGID 0, __IMS_MSGID 0, __MIME_TEXT_ONLY 0, __MIME_VERSION 0, __SANE_MSGID 0'
X-Spam-Score: 0.2 (/)
X-Scan-Signature: 32b73d73e8047ed17386f9799119ce43
Cc: townsley@cisco.com, Black_David@emc.com, dward@cisco.com
Subject: [Gen-art] Gen-ART HIP drafts (base and esp) review
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
Errors-To: gen-art-bounces@ietf.org
I have been selected as the General Area Review Team (Gen-ART) reviewer for this draft (for background on Gen-ART, please see http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html). Please resolve these comments along with any other Last Call comments you may receive. Document: <draft-ietf-hip-base-06.txt> and <draft-ietf-hip-esp-04.txt> Reviewer: David L. Black Review Date: November 19, 2006 IETF LC End Date: November 19, 2006 These drafts are on the right track, but have open issues, described in the review. The drafts are in very good shape - the key security areas are well- specified, and in some cases better than some of what I've seen in IPsec drafts. The open issues are those not marked as nits below - the only one that looks potentially serious/difficult is the dependence on IP fragmentation. <draft-ietf-hip-base-06.txt> Nit: The phrase "standard authenticated Diffie-Hellman key exchange for session key generation" occurs starting in Section 4.1 - explain what "standard" means. The treatment of Opportunistic Mode in Section 4.1.6 is "interesting" for a security protocol document in that it deliberately omits the details and security considerations. If this draft were headed for Proposed Standard RFC status, that would be grounds for removal of Opportunistic mode, but this draft is headed for Experimental RFC status, for which the lack of details may be acceptable. If the Security Area has not already commented on this (e.g., in the secdir review), please bring this issue to their attention. Section 5.1.3 indicates a reliance of HIP on IP fragmentation. IP fragmentation is becoming increasingly troublesome, so this will be a problem in practice. The corresponding reliance on IP fragmentation for IKE is a known cause of problems with certificates, as the size of some certificates is a common cause of IP fragmentation with UDP/IP. At a minimum, this section should carry a strong recommendation that the separately-specified HIP support for certificates support Hash & URL certificate formats in order to avoid certificate sizes that will cause IP fragmentation. Certificates are a major cause of IP fragmentation in IKE, particularly when chains are involved. The text in Section 5.3.2 on Diffie-Hellman value reuse could use some clarification. The underlying issue is that the HIP exchange does not use the nonces that IKE and IKEv2 use, which makes DH value reuse significantly more dangerous. The current text says that DH values SHOULD not be reused unless the system is under attack (I1 storms), in which case they MAY be reused. This appears to drop the level of security in response to an attack, which may not be the best course of action. I don't want to say that HIP ought to use IKE-like nonces, but this text appears to need some more thought. Section 5.3.3 doesn't discuss DH value reuse. It should. Section 5.3.6 and Section 6.13 need more precision on the sorts of "state information changes" that SHOULD NOT be made as a consequence of receiving a NOTIFY packet. Section 6.5 needs to specify how to calculate the Diffie-Hellman Kij value. Nit: In Section 6.6.1, the connection between limitations on sending I1's and DoS attacks is not clear. A DoS attacker will not respect the limitations in this section, so the discussion might be in terms of not making a bad situation worse (probably already covered under "network congestion") or detection of a DoS attack at the receiver by determining that the sender is not observing these limitations. Nit: In Section 9, please give IANA some guidance on how to deal with the unused Notify Message Type values that are less than 42. <draft-ietf-hip-esp-04.txt> Nit: Section 3.3.5, change "AES" to "AES-CBC" in two places. There are AES modes other than CBC defined for use with ESP. Thanks, --David ---------------------------------------------------- David L. Black, Senior Technologist EMC Corporation, 176 South St., Hopkinton, MA 01748 +1 (508) 293-7953 FAX: +1 (508) 293-7786 black_david@emc.com Mobile: +1 (978) 394-7754 ---------------------------------------------------- _______________________________________________ Gen-art mailing list Gen-art@ietf.org https://www1.ietf.org/mailman/listinfo/gen-art
- [Gen-art] Gen-ART HIP drafts (base and esp) review Black_David
- [Gen-art] Re: Gen-ART HIP drafts (base and esp) r… Petri Jokela
- [Gen-art] Re: Gen-ART HIP drafts (base and esp) r… Pekka Nikander
- [Gen-art] RE: Gen-ART HIP drafts (base and esp) r… Black_David
- [Gen-art] Re: Gen-ART HIP drafts (base and esp) r… Pekka Nikander
- RE: [Gen-art] Re: Gen-ART HIP drafts (base and es… Black_David
- Re: [Gen-art] Re: Gen-ART HIP drafts (base and es… Pekka Nikander
- RE: [Gen-art] Re: Gen-ART HIP drafts (base and es… Black_David