[Hipsec] New version of RFC5201-bis (05)

Tobias Heer <heer@cs.rwth-aachen.de> Mon, 14 March 2011 07:58 UTC

Return-Path: <heer@informatik.rwth-aachen.de>
X-Original-To: hipsec@core3.amsl.com
Delivered-To: hipsec@core3.amsl.com
Received: from localhost (localhost []) by core3.amsl.com (Postfix) with ESMTP id 78BF53A6AFC for <hipsec@core3.amsl.com>; Mon, 14 Mar 2011 00:58:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.726
X-Spam-Status: No, score=-4.726 tagged_above=-999 required=5 tests=[AWL=0.075, BAYES_00=-2.599, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([]) by localhost (core3.amsl.com []) (amavisd-new, port 10024) with ESMTP id VW3BbFCnRP2F for <hipsec@core3.amsl.com>; Mon, 14 Mar 2011 00:58:40 -0700 (PDT)
Received: from mta-1.ms.rz.rwth-aachen.de (mta-1.ms.rz.RWTH-Aachen.DE []) by core3.amsl.com (Postfix) with ESMTP id E14283A6AC3 for <hipsec@ietf.org>; Mon, 14 Mar 2011 00:58:39 -0700 (PDT)
MIME-version: 1.0
Content-transfer-encoding: 7bit
Content-type: text/plain; charset="us-ascii"
Received: from ironport-out-2.rz.rwth-aachen.de ([]) by mta-1.ms.rz.RWTH-Aachen.de (Sun Java(tm) System Messaging Server 6.3-7.04 (built Sep 26 2008)) with ESMTP id <0LI100G13FK2LS20@mta-1.ms.rz.RWTH-Aachen.de> for hipsec@ietf.org; Mon, 14 Mar 2011 09:00:02 +0100 (CET)
X-IronPort-AV: E=Sophos;i="4.62,314,1297033200"; d="scan'208";a="50638344"
Received: from relay-auth-1.ms.rz.rwth-aachen.de (HELO relay-auth-1) ([]) by ironport-in-2.rz.rwth-aachen.de with ESMTP; Mon, 14 Mar 2011 09:00:02 +0100
Received: from [] ([unknown] []) by relay-auth-1.ms.rz.rwth-aachen.de (Sun Java(tm) System Messaging Server 7.0-3.01 64bit (built Dec 9 2008)) with ESMTPA id <0LI100EWLFK2QY10@relay-auth-1.ms.rz.rwth-aachen.de> for hipsec@ietf.org; Mon, 14 Mar 2011 09:00:02 +0100 (CET)
From: Tobias Heer <heer@cs.rwth-aachen.de>
Date: Mon, 14 Mar 2011 08:59:57 +0100
Message-id: <190A2117-D9F3-4C00-8C84-286A352BA30E@cs.rwth-aachen.de>
To: hipsec@ietf.org
X-Pgp-Agent: GPGMail 1.3.2
X-Mailer: Apple Mail (2.1082)
Subject: [Hipsec] New version of RFC5201-bis (05)
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hipsec>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Mar 2011 07:58:41 -0000

Hash: SHA1

Hello everyone!

Here is a new version of RFC5201-bis (draft-ietf-hip-rfc5201-bis-05).


A praise to former and future reviewers
- ---------------------------------------

There are quite many changes thanks to the detailed reviews of Miika Komu, Jeff
Ahrenholz, and Ari Keranen. I have received an enormous amount of good,
detailed, and valid feedback on issues that are new in the bis document and even
more comments on issues that we inherited from RFC5201. I would like to express
my gratitude and respect for these three guys. They have done a great job.

Again, I'd like to encourage people to review the document. I am especially
interested in the opinion of a) implementers and b) people who defined
extensions for HIP. It would be good to see if your HIP extensions still work
with the new changes or if something fundamentally breaks your extension .  

I've gone over the security considerations section again. Some text in
there seemed to have accumulated over the time while RFC5201 was still in the
making and did not seem fully fitting today. I also changed the proposed
defense mechanism for I2 flooding attacks. I would be happy if someone could go
over it thoroughly with a second pair of eyes.

Changes that are tricky to spot:
- -------------------------------

In this version are some things that are incompatible to RFC5201 but are
difficult to spot. These are mostly redefinitions of already existing
parameters. I'll highlight these changes here:

a) The HOST_ID format has changed to accommodate ECC HIs. This leads to a
different parameter format.

b) The SEQ and ACK descriptions have changed. There was a bug in the figures.
This leads to a different parameter format if the figure was chosen as basis for
the implementation.

c) There may be several NOTIFY parameters per packet. This was not forbidden
before but is explicitly allowed now. This change was made to allow signaling
for multiple problems in a HIP control packet.

d) The document now says the puzzle K SHOULD be 0 if the Responder is not under
high load. Please make sure that HIP implementations set the K to 0 if they
have no good reason to raise the value. Higher values of K will only slow down
HIP, burn CPU cycles and energy, and serve no purpose if there is no overload

e) The HIP_SIGNATURE Algorithm field is now 16 bits long (it was 8 bits long
before). Now the field is better aligned with the HOST_ID algorithm field.

These changes are also mentioned in the Changelog section.

Full change log:
- ----------------

See the changelog below:

11.1.  Changes from draft-ietf-hip-rfc5201-bis-04

  o  Moved this list farther to the back.

  o  Clarifications of the Security Considerations section.  One DoS
     defense mechanism was changed to be more effective and less prone
     to misuse.

  o  Minor clarifications of the state machine.

  o  Clarified text on HIP puzzle.

  o  Added names and references for figures.

  o  Extended the definitions section.

  o  Added a reference to the HIP Version 1 certificate document.

  o  Added Initiator, Responder, HIP association, and signed data to
     the definitions section.

  o  Changed parameter figure for PUZZLE and SOLUTION to use
     RHASH_len/8 instead of n-byte.

  o  Replaced occurrences of SHOULD not with SHOULD NOT.

  o  Changed text to reflect the fact that several
     ECHO_REQUEST_UNSIGNED parameters may be present in an R1 and
     several ECHO_RESPONSE parameters may be present in an I2.

  o  Added text on verifying the ECHO_RESPONSE_SIGNED parameter in

  o  Changed wording from HMAC to HIP_MAC in Section 5.3.8.

  o  Reflected fact that the UPDATE packet MAY include zero or more

  o  Added BEX to Definitions section.

  o  Changed HIP_SIGNATURE algorithm field from 8 bit to 16 bit to
     achieve alignment with the HOST_ID parameters.

  o  Fixed the wrong figures of the SEQ and ACK parameters.  SEQ always
     contains ONE update ID.  ACK may acknowledge SEVERAL update IDs.

  o  Added wording that several NOTIFY parameters may be present in a
     HIP packet.

  o  Changed wording for the ECHO_RESPONSE_SIGNED parameter.  Also
     lifted the restriction that only one ECHO_RESPONSE_UNSIGNED
     parameter MUST be present in each HIP control packet.  This did
     contradict the definition of the ECHO_RESPONSE_UNSIGNED parameter.

  o  Changed IETF Consensus to IETF Review in IANA section.

  o  Aligned use of I, J, and K. Now I is #I, J is #J and K is #K
     throughout the document.

  o  Updated references.

  o  Editorial changes.

- -- 
Dipl.-Inform. Tobias Heer, Ph.D. Student
Chair of Communication and Distributed Systems - comsys
RWTH Aachen University, Germany
tel: +49 241 80 207 76
web: http://www.comsys.rwth-aachen.de/team/tobias-heer/
blog: http://dtobi.wordpress.com/
card: http://card.ly/dtobi
pgp id: AEECA5BF 

Version: GnuPG/MacGPG2 v2.0.16 (Darwin)