IETF Logo Mail Archive

Re: [Hipsec] [saag] NULL encryption mode in RFC 5202-bis

Henry B Hotz <hbhotz@oxy.edu> Tue, 22 July 2014 00:51 UTC

Return-Path: <hbhotz@oxy.edu>
X-Original-To: hipsec@ietfa.amsl.com
Delivered-To: hipsec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD1CF1A01E5; Mon, 21 Jul 2014 17:51:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.234
X-Spam-Level:
X-Spam-Status: No, score=-1.234 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_SOFTFAIL=0.665] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 10mUoacmDUrB; Mon, 21 Jul 2014 17:51:20 -0700 (PDT)
Received: from mailout4.easymail.ca (mailout.easymail.ca [64.68.200.169]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2407A1A0197; Mon, 21 Jul 2014 17:51:20 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mailout4.easymail.ca (Postfix) with ESMTP id AE082E7D0; Mon, 21 Jul 2014 20:51:17 -0400 (EDT)
X-Virus-Scanned: Debian amavisd-new at mailout4.easymail.ca
Received: from mailout4.easymail.ca ([127.0.0.1]) by localhost (easymail-mailout2.easydns.vpn [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tYugvQ7mjF7k; Mon, 21 Jul 2014 20:51:13 -0400 (EDT)
Received: from [192.168.3.137] (71-80-163-186.static.lsan.ca.charter.com [71.80.163.186]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by mailout4.easymail.ca (Postfix) with ESMTPSA id E0AFBE72B; Mon, 21 Jul 2014 20:51:11 -0400 (EDT)
Content-Type: multipart/alternative; boundary="Apple-Mail=_C883EB27-03CB-443D-AA77-52057B2AB9BD"
Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\))
From: Henry B Hotz <hbhotz@oxy.edu>
In-Reply-To: <7BAC95F5A7E67643AAFB2C31BEE662D01EE45B1C4E@SC-VEXCH2.marvell.com>
Date: Mon, 21 Jul 2014 17:51:09 -0700
Message-Id: <5AE7C4C6-CB51-44EF-A73C-279AC3BC3561@oxy.edu>
References: <53BB798A.3080101@tomh.org> <53BBC8DE.1010006@cs.tcd.ie> <8171.1404842394@sandelman.ca> <7BAC95F5A7E67643AAFB2C31BEE662D01EE45B1C4E@SC-VEXCH2.marvell.com>
To: Paul Lambert <paul@marvell.com>
X-Mailer: Apple Mail (2.1510)
Archived-At: http://mailarchive.ietf.org/arch/msg/hipsec/OvTI1gsr_7BIFgGW_-JfUcMwqZ4
X-Mailman-Approved-At: Tue, 22 Jul 2014 07:16:53 -0700
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, "hipsec@ietf.org" <hipsec@ietf.org>, "saag@ietf.org" <saag@ietf.org>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: [Hipsec] [saag] NULL encryption mode in RFC 5202-bis
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hipsec/>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Jul 2014 00:51:21 -0000

The basic issue, as always, is interoperability. NULL should not be an interoperable *operational* capability.

Every implementation will have some kind of debugging capability so it can be made operational. Do we require an interoperable debugging capability? I believe the consensus is already leaning to "no".

My own take is that we don't normally do that, and the likely debugging benefit of mandating such a thing is insufficient to justify making it a MUST.


On Jul 21, 2014, at 4:57 PM, Paul Lambert <paul@marvell.com> wrote:

> NULL may be useful to some, but should NOT be mandated (should rather than must).
> It's another knob that could be set incorrectly and bypass the encryption.  Not all products will want or need NULL.
> 
> 
> Paul
> 
> ]-----Original Message-----
> ]From: Hipsec [mailto:hipsec-bounces@ietf.org] On Behalf Of Michael
> ]Richardson
> ]Sent: Tuesday, July 08, 2014 11:00 AM
> ]To: Stephen Farrell
> ]Cc: hipsec@ietf.org; saag@ietf.org
> ]Subject: Re: [Hipsec] [saag] NULL encryption mode in RFC 5202-bis
> ]
> ]
> ]Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
> ]    > Generic: is it still considered a good plan to have null
> ]    > confidentiality suites such as these? Or for those to be
> ]    > Mandatory-To-Implement (MTI)? That clearly was the generic
> ]consensus as
> ]    > we have these in a number of protocols. The new reasons to move
> ]from
> ]    > that I think are: 1) we no longer need this for debugging purposes
> ]    > really since libraries and dev tools have moved on and are better
> ]now,
> ]    > and we specifically no longer need these for protocols that are no
> ]    > longer new, 2) BCP188 could be considered to argue against having
> ]these
> ]
> ]There are an incredible number of systems (Linux with stock-in-kernel
> ]NETKEY IPsec for instance), where it is impossible or very very
> ]difficult to get a packet capture of the traffic after decryption, but
> ]before it goes up the protocol stack.
> ]
> ]On such systems, if you have a problem in the field with a protocol that
> ]runs over ESP (whether HIP or IKEv2 keyed), and you can't figure out how
> ]it works, and it appears to with without ESP, then the lack of debugging
> ]means that you turn off all security.
> ]
> ]ESP-authenticated-with-NULL-encryption is debuggable in the field.
> ]Not having it, means turning off ESP; and if the problem is in the link
> ]between the ESP layer and the upper layer, then...
> ]
> ]--
> ]Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works  -=
> ]IPv6 IoT consulting =-
> ]
> ]
> 
> _______________________________________________
> saag mailing list
> saag@ietf.org
> https://www.ietf.org/mailman/listinfo/saag

Personal email.  hbhotz@oxy.edu

v2.23.0 | Report a Bug | By Email