Re: [Hipsec] Building the first list of to Standards changes
Robert Moskowitz <rgm@htt-consult.com> Fri, 31 July 2009 09:33 UTC
Return-Path: <rgm@htt-consult.com>
X-Original-To: hipsec@core3.amsl.com
Delivered-To: hipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C778E28C2E9 for <hipsec@core3.amsl.com>; Fri, 31 Jul 2009 02:33:33 -0700 (PDT)
X-Quarantine-ID: <M429i5XIPceX>
X-Virus-Scanned: amavisd-new at amsl.com
X-Amavis-Alert: BAD HEADER, Duplicate header field: "References"
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M429i5XIPceX for <hipsec@core3.amsl.com>; Fri, 31 Jul 2009 02:33:32 -0700 (PDT)
Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [208.83.67.147]) by core3.amsl.com (Postfix) with ESMTP id 978B928C2CE for <hipsec@ietf.org>; Fri, 31 Jul 2009 02:33:32 -0700 (PDT)
Received: from z9m9z.htt-consult.com (localhost.localdomain [127.0.0.1]) by z9m9z.htt-consult.com (8.13.8/8.13.8) with ESMTP id n6V9XTxG015209; Fri, 31 Jul 2009 05:33:29 -0400
Received: from nc2400.htt-consult.com (onlo.htt-consult.com [208.83.67.148]) by z9m9z.htt-consult.com (Scalix SMTP Relay 11.3.0.11339) via ESMTP; Fri, 31 Jul 2009 05:32:58 -0400 (EDT)
Date: Fri, 31 Jul 2009 11:33:53 +0200
From: Robert Moskowitz <rgm@htt-consult.com>
To: Andrew McGregor <andrew@indranet.co.nz>
Message-ID: <4A72BA81.5050809@htt-consult.com>
In-Reply-To: <8F346BB1-D5EF-419F-AED7-A0DE8DFEECE0@indranet.co.nz>
References: <4A72AF52.90603@htt-consult.com>
References: <8F346BB1-D5EF-419F-AED7-A0DE8DFEECE0@indranet.co.nz>
x-scalix-Hops: 1
User-Agent: Thunderbird 2.0.0.22 (X11/20090625)
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Content-Disposition: inline
Cc: hipsec@ietf.org
Subject: Re: [Hipsec] Building the first list of to Standards changes
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hipsec>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Jul 2009 09:33:33 -0000
Andrew McGregor wrote: > Whole lot of responses inline... > > On 31/07/2009, at 10:46 AM, Robert Moskowitz wrote: > >> OK we have met and agreed to go out and succeed. >> >> In light of that, lets get our work items in order and someone set up >> the tracking of who is working on what and what it is its status. >> >> Crypto Agility >> Add HI PK algorithms > > We use DNS formats for these, and so far the only RFCs published are > RSA and DSA. There is a draft for ECC, there may be others. Code > points are allocated by standards action. So this cannot progress > until the DNS formats do. > >> Add HI hashes > > 5201 defines the RHASH which is used for all hash operations in the > protocol to be the same as the hash used for ORCHIDS, see below. I would also want CBC-MAC, as hardware that implements CCM has CBC-MAC. There is lots of wireless hardware that implements CCM... And there are those that will expect SHA-256. > >> Add ESP cipher suites > > Straightforward, do you have a list of candidates? CCM, as this is in wireless hardware. GCM as this is in highspeed wired hardware. Or those are the claims... > >> >> HIT and LSI formats >> Standardize on ORCHIDs >> Context per HI Hash? > > Yes, RFC 4843 specifies that we use CGA Extension Type Tags registered > by IANA for contexts, and 5201 specifies that it be one per hash. The > only value allocated for hip is bound to SHA-1 by 5201. We can > allocate more. Exactly. > >> IP address range for LSIs > > The v6 ORCHID range is currently reserved until 2014, this may be > changed by standards action. v4 needs thought and either standards or > IANA action. 127.n.0.0/16 And what is n? Let IANA tell us or recommend something? e.g. 64 > >> >> Multiple HIs per host >> Multiple HITs per HI > > I think these can be done already. Current implementations may not > support multiple HIs per host, but I see no reason in the protocol why > this can not be done. Multiple HITs per HI can happen given that hash > agility is per context; therefore the ORCHIDS corresponding to > different hashes are astronomically unlikely to collide. Local policy > dictates if any particular HIT is acceptable. > > However, the IESG note at the beginning of 5201 has this to say: > > This document doesn't currently define support for parameterized > (randomized) hashing in signatures, support for negotiation of a key > derivation function, or support for combined encryption modes. > > The first point will require a lot of thought, although the packet > formats should be straightforward. OK. This is an important one I left off. Would the hash used for making the HIT be the hash used in the HIP sigs? Or is this YAP to add to things like HIP options and DNS RR? > > The second point could be covered by redefining the DIFFIE_HELLMAN > group id parameter to be an (algorithm, group) suite ID... this would > even be backward compatible by reusing the existing values with the > same processing definition. The third is merely more suite-ids for > those modes. So would we have a list of key derivations and this is just one more parameter? > >> >> ESP operation with HIP >> Explain Binding Transport Mode End to End without creating a new ESP >> mode > > This amounts to a wording change in 5202, all the text is already > there. BEET is a recommended implementation detail for 5202 ESP > processing and does not change the wire format or semantics, so there > should be no problem here. > >> AH operation with HIP >> >> Compressing Transport checksums >> New HIP option? > > I'm not sure what you're suggesting. Compressing suites could be > defined for ESP. Or are you suggesting compressing the HIP packets > themselves? If you are going to allow for removal of the TCP and UDP checksums, both parties would need to agree they are going to do this. > >> >> HIP registries (DNS, DHT, LDAP, etc.) >> What information is stored in each >> For DNS >> HIs, HITs, HI hashes, lifetime via TTL >> ESP ciphers? >> RR from IANA > > I suggest updating 5205 along the lines of > draft-ponomarev-hip-dns-locators and draft-ponomarev-hip-hit2ip. This > will require some DNS expert attention to get the details right. I > think that's sufficient for DNS. > > The Boeing SMA implementation in OpenHIP has an LDAP schema, I have > not looked at the detail. > >> >> OK. This is a start. Others should add/expand, and someone needs to >> be the 'owner' of the list. -- The Greatest Oak Was once a little Nut That held its ground.
- [Hipsec] Building the first list of to Standards … Robert Moskowitz
- Re: [Hipsec] Building the first list of to Standa… Robert Moskowitz
- [Hipsec] Looking for a list of hashes and MACs Robert Moskowitz
- [Hipsec] Which EC for DH Robert Moskowitz
- Re: [Hipsec] Which EC for DH Oleg Ponomarev
- Re: [Hipsec] Building the first list of to Standa… Andrew McGregor
- Re: [Hipsec] Building the first list of to Standa… Miika Komu
- Re: [Hipsec] Building the first list of to Standa… Miika Komu