[Hipsec-rg] next steps with draft-heer-hip-middle-auth-00
julien.IETF at laposte.net (Julien Laganier) Thu, 24 January 2008 08:26 UTC
From: "julien.IETF at laposte.net"
Date: Thu, 24 Jan 2008 09:26:01 +0100
Subject: [Hipsec-rg] next steps with draft-heer-hip-middle-auth-00
In-Reply-To: <200801240906.18235.julien.IETF@laposte.net>
References: <77F357662F8BFA4CA7074B0410171B6D04049B5D@XCH-NW-5V1.nw.nos.boeing.com> <Pine.SOL.4.64.0801240020280.1083@kekkonen.cs.hut.fi> <200801240906.18235.julien.IETF@laposte.net>
Message-ID: <200801240926.03441.julien.IETF@laposte.net>
On Thursday 24 January 2008, Julien Laganier wrote:
> On Wednesday 23 January 2008, Miika Komu wrote:
> > Hi Julien,
> >
> > I didn't get the point with stateful firewalls, can you clarify?
> > The SPI field is integrity protected. Also, a fake base exchange
> > (to create a fake ESP channel) can pass all ACL checks in the
> > firewall if the firewall does not check signatures in a mobile
> > environment.
>
> Hi Miika,
>
> The midbox cannot verify that the ESP packet originates from a node
> that participated in the BEX. It only verifies that the ESP SPI was
> included in the base exchange, but there is no strong (cryptographic)
> validation of data origin at the midbox for ESP.
>
> Since in the end no strong guarantee on the ESP data origin is
> provided, IMHO it seems that the (strong) validation of BEX
> signatures by midboxes hasn't much value. Security strength is
> determined by the strength of each element of the chain. Here the
> last element is weak (looking at SPI without verifying data origin),
> thus I'm not convinced about the strength of the mechanism.

...and consequently I don't see a need to make BEX inspection security even stronger (Tobias's proposal) since the weak admission control of ESP packets will remain.

Again, I think we should discuss first what is the security service we want to provide (e.g. admission control), and the requirements we place, before entering solution space.

--julien
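The chain described in the message above, as an added toy model; this is not code from draft-heer-hip-middle-auth or from anyone in the thread. The midbox verifies the signed base exchange, records the SPI it carried, and afterwards admits ESP packets by SPI alone, which is the only check it can make. Assumptions, all constructed for the example: an HMAC under a per-host key stands in for the public-key BEX signature (the midbox is assumed to hold that verification key); the ESP ICV is an HMAC under an SA key held only by the two endpoints; the HITs, keys and packets are made up. The scenario shows a third party that observed the SPI on the wire getting its packet through the midbox while the receiving endpoint rejects it.

```python
"""Toy model: a midbox that checks BEX signatures, learns the ESP SPI, and then
admits ESP packets by SPI only. All keys, HITs and packets are constructed."""
import hashlib
import hmac
from dataclasses import dataclass


@dataclass
class BEX:
    initiator_hit: str
    responder_hit: str
    spi: int
    signature: str  # hex digest over the three fields above


@dataclass
class ESPPacket:
    spi: int
    payload: bytes
    icv: str  # hex integrity check value, computed with the SA key


def _bex_bytes(initiator_hit: str, responder_hit: str, spi: int) -> bytes:
    return f"{initiator_hit}|{responder_hit}|{spi}".encode()


def sign_bex(host_key: bytes, initiator_hit: str, responder_hit: str, spi: int) -> BEX:
    # Toy stand-in for the host's public-key signature on the BEX: an HMAC
    # under a per-host key that the midbox is assumed to hold for verification.
    sig = hmac.new(host_key, _bex_bytes(initiator_hit, responder_hit, spi),
                   hashlib.sha256).hexdigest()
    return BEX(initiator_hit, responder_hit, spi, sig)


def make_esp(sa_key: bytes, spi: int, payload: bytes) -> ESPPacket:
    # ESP integrity protection uses the SA key agreed end-to-end in the BEX;
    # the midbox never learns that key.
    icv = hmac.new(sa_key, spi.to_bytes(4, "big") + payload, hashlib.sha256).hexdigest()
    return ESPPacket(spi, payload, icv)


def endpoint_accepts(sa_key: bytes, pkt: ESPPacket) -> bool:
    # The receiving endpoint can validate data origin: it holds the SA key.
    expected = hmac.new(sa_key, pkt.spi.to_bytes(4, "big") + pkt.payload,
                        hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, pkt.icv)


class Midbox:
    def __init__(self, host_keys: dict):
        self.host_keys = host_keys  # HIT -> toy verification key
        self.admitted = {}          # SPI -> (initiator_hit, responder_hit)

    def inspect_bex(self, bex: BEX) -> bool:
        key = self.host_keys.get(bex.initiator_hit)
        if key is None:
            return False
        expected = hmac.new(key, _bex_bytes(bex.initiator_hit, bex.responder_hit, bex.spi),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, bex.signature):
            return False
        self.admitted[bex.spi] = (bex.initiator_hit, bex.responder_hit)
        return True

    def admit_esp(self, pkt: ESPPacket) -> bool:
        # The only check available here: was this SPI announced in a verified
        # BEX? Neither the packet's origin nor its ICV can be validated.
        return pkt.spi in self.admitted


def run_scenario() -> dict:
    host_key_a = b"constructed-host-identity-key-of-A"
    sa_key = b"constructed-esp-sa-key-shared-by-A-and-B"
    mb = Midbox({"HIT-A": host_key_a})
    spi = 0x1234ABCD

    good_bex = sign_bex(host_key_a, "HIT-A", "HIT-B", spi)
    bad_bex = BEX("HIT-A", "HIT-B", spi, "00" * 32)  # forged: signer lacks A's key

    legit = make_esp(sa_key, spi, b"hello from A")
    # A third party saw the SPI on the wire and reuses it; without the SA key
    # its ICV is garbage, but the midbox has no way to tell.
    spoofed = ESPPacket(spi, b"injected by attacker", "ff" * 32)

    return {
        "good_bex_passes": mb.inspect_bex(good_bex),
        "bad_bex_rejected": not mb.inspect_bex(bad_bex),
        "legit_esp_admitted": mb.admit_esp(legit),
        "legit_esp_accepted_by_B": endpoint_accepts(sa_key, legit),
        "spoofed_esp_admitted": mb.admit_esp(spoofed),
        "spoofed_esp_accepted_by_B": endpoint_accepts(sa_key, spoofed),
    }


if __name__ == "__main__":
    for name, result in run_scenario().items():
        print(f"{name}: {result}")
```

The strong check (BEX signature) and the weak check (SPI lookup) sit in the same Midbox class so the gap is visible in one place: admit_esp has nothing cryptographic to work with, whatever effort inspect_bex spends.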