Re: Last Call: IP Mobility Support to Proposed Standard
William Allen Simpson <wsimpson@greendragon.com> Fri, 01 March 1996 21:06 UTC
Date: Fri, 01 Mar 1996 14:22:51 +0000
From: William Allen Simpson <wsimpson@greendragon.com>
Message-ID: <5029.wsimpson@greendragon.com>
To: ietf@IETF.CNRI.Reston.VA.US
Subject: Re: Last Call: IP Mobility Support to Proposed Standard
I oppose the advancement of these protocols to Proposed Standard, on both technical and process issues. This missive covers a few of the technical issues for

> 1. IP Mobility Support
>    <draft-ietf-mobileip-protocol-15.txt>

Unfortunately, although I have spent significant effort preparing, I am unable to address all of the issues at this time. The protocol has gained a lot of hair since I last worked on it.

Instead, I will speak as to the most important flaws:

A. Failure to use IP Security.
B. Use of "Co-Located Care-of Address".
C. Use of "nonces".
D. Dependence on ARP and subnets.

----

IP Security should be used, instead of the Mobile-Foreign and Foreign-Home Authentication Extensions. (It cannot easily be used for the Mobile-Home Authentication.)

Although my early drafts (for SIP and Mobile-IP) had these extensions, once Ran Atkinson introduced his AH and ESP, they were no longer necessary, and were removed at the IETF in July 1994.

Indeed, one of the rationales for separating AH and ESP was the ability to authenticate these mobile registrations without encrypting, for the amateur packet radio service (where encryption is prohibited).

Worse, this draft uses the "envelope method" MD5(key,data,key). Other methods are provably more secure, such as including the length of the datagram to avoid appending attacks.

----

Use of the "co-located care-of address" is a poor design option, and should be removed (again).

In this model, the tunnel is from the Home Agent to the Mobile Node:

    HA ====>R====>R====>FA====> MN

Yet, the last hop to the Mobile Node likely has the least bandwidth, and therefore the burden of the larger tunneled datagram is most likely to be a problem. It also inhibits other bandwidth improvements, such as VJ TCP header compression.

Instead, only the FA handled registrations should be used:

    HA ====>R====>R====>FA----> MN

This would simplify the protocol implementation, remove the need for the 'R' bit negotiation, and remove one of the potential patent problems.

----

The use of "nonces" is a poor design option, and should be removed (again).

The only purpose for the nonces is to protect against an attacker that can intercept and replace all traffic to and from the Foreign Agent. Note that this requires more than just a "tap" at both places, but also the ability to modify messages and retransmit:

    HA ====>X====>FA====>X====> MN

This attack is so utterly improbable in a mobile network as to be ludicrous.

The attack would become impossible if IP Security were used, which would also remove one of the potential patent problems.

----

In earlier drafts, there was no dependence on ARP, and no dependence on knowing the subnet length of the networks.

The current design integrates ARP and subnet lengths as "options" for link discovery and control. These were explicitly rejected as control mechanisms in earlier incarnations of the WG.

One of the reasons that this was rejected is the assumption of a symmetric reachability path between the Agents and the Mobile Node. All the world is not an ethernet, and these problems are very common in mobile nets.

Worse, there appear to be conflicts when the Home Agent is not a router in the path of the datagram, and when the Mobile Agent moves between interfaces of a Home or Foreign Agent.

Instead, the router advertisements and link quality measurements should be used exclusively to determine reachability of the Agents, as was described in my earlier drafts.

----

CONCLUSION: This document is technically unable to advance to Proposed Standard. It does not reflect the editorial care and technical accuracy given to the original.
WSimpson@UMich.edu
    Key fingerprint =  17 40 5E 67 15 6F 31 26  DD 0D B9 9B 6A 15 2C 32
BSimpson@MorningStar.com
    Key fingerprint =  2E 07 23 03 C5 62 70 D3  59 B1 4F 5E 1D C2 C1 A2
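As an added illustration (not part of the message above, and not code from any Mobile IP implementation), the three keyed-MD5 constructions the message contrasts, computed over a constructed registration body and checked with a constant-time comparison: the "envelope" MD5(key,data,key) the author criticises, the same envelope with the datagram length bound in as he suggests, and HMAC-MD5 from RFC 2104. The key, addresses and the assumed registration field layout are constructed sample values.

```python
import hashlib
import hmac

# Constructed sample values; none of these come from the original message.
KEY = b"constructed-mobile-home-key"
REGISTRATION = (
    b"\x01"                              # type (assumed: Registration Request)
    b"\x00"                              # flags
    b"\x00\x3c"                          # lifetime, seconds
    b"\x0a\x00\x00\x05"                  # home address (constructed)
    b"\x0a\x00\x00\x01"                  # home agent (constructed)
    b"\x0a\x01\x00\x09"                  # care-of address (constructed)
    b"\x00\x00\x00\x00\x00\x00\x00\x01"  # identification (replay protection)
)


def envelope_md5(key: bytes, data: bytes) -> bytes:
    """The 'envelope method' named in the message: MD5(key || data || key)."""
    return hashlib.md5(key + data + key).digest()


def envelope_md5_with_length(key: bytes, data: bytes) -> bytes:
    """Author's suggested hardening: bind the datagram length into the hash."""
    length = len(data).to_bytes(2, "big")
    return hashlib.md5(key + length + data + key).digest()


def hmac_md5(key: bytes, data: bytes) -> bytes:
    """HMAC-MD5 (RFC 2104), the keyed-hash construction with a security proof."""
    return hmac.new(key, data, hashlib.md5).digest()


def verify(auth_fn, key: bytes, data: bytes, tag: bytes) -> bool:
    """Recompute the authenticator and compare in constant time."""
    return hmac.compare_digest(auth_fn(key, data), tag)


def check_all() -> dict:
    """For each construction: (genuine accepted, appended data rejected, wrong key rejected)."""
    results = {}
    for name, fn in (("envelope", envelope_md5),
                     ("envelope+len", envelope_md5_with_length),
                     ("hmac-md5", hmac_md5)):
        tag = fn(KEY, REGISTRATION)
        results[name] = (
            verify(fn, KEY, REGISTRATION, tag),
            not verify(fn, KEY, REGISTRATION + b"\x00", tag),
            not verify(fn, b"wrong-key", REGISTRATION, tag),
        )
    return results
```

A receiver should also check the identification field against its replay window before accepting any of these authenticators; that check is outside this snippet.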