Re: Last Call: IP Mobility Support to Proposed Standard

William Allen Simpson <wsimpson@greendragon.com> Fri, 01 March 1996 21:06 UTC

Received: from ietf.cnri.reston.va.us by IETF.CNRI.Reston.VA.US id aa05049; 1 Mar 96 16:06 EST
Received: from CNRI.Reston.VA.US by IETF.CNRI.Reston.VA.US id aa05037; 1 Mar 96 16:06 EST
Received: from ietf.cnri.reston.va.us by CNRI.Reston.VA.US id aa13680; 1 Mar 96 16:06 EST
Received: from ietf.cnri.reston.va.us by IETF.CNRI.Reston.VA.US id aa04996; 1 Mar 96 16:06 EST
Received: from merit.edu by IETF.CNRI.Reston.VA.US id aa04855; 1 Mar 96 16:04 EST
Received: from Bill.Simpson.DialUp.Mich.Net (pm001-04.dialip.mich.net [35.1.48.53]) by merit.edu (8.7.3/merit-2.0) with SMTP id QAA01230 for <ietf@IETF.CNRI.Reston.VA.US>; Fri, 1 Mar 1996 16:03:55 -0500 (EST)
Date: Fri, 01 Mar 1996 14:22:51 +0000
X-Orig-Sender: ietf-request@IETF.CNRI.Reston.VA.US
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: William Allen Simpson <wsimpson@greendragon.com>
Message-ID: <5029.wsimpson@greendragon.com>
To: ietf@IETF.CNRI.Reston.VA.US
Subject: Re: Last Call: IP Mobility Support to Proposed Standard
Source-Info: From (or Sender) name not authenticated.

I oppose the advancement of these protocols to Proposed Standard, on
both technical and process issues.

This missive covers a few of the technical issues for

>  1. IP Mobility Support
> 	<draft-ietf-mobileip-protocol-15.txt>

Unfortunately, although I have spent significant effort preparing, I am
unable to address all of the issues at this time.  The protocol has
gained a lot of hair since I last worked on it.

Instead, I will speak as to the most important flaws:

 A. Failure to use IP Security.

 B. Use of "Co-Located Care-of Address".

 C. Use of "nonces".

 D. Dependence on ARP and subnets.

                                ----

IP Security should be used, instead of the Mobile-Foreign and
Foreign-Home Authentication Extensions.  (It cannot easily be used for
the Mobile-Home Authentication.)

Although my early drafts (for SIP and Mobile-IP) had these extensions,
once Ran Atkinson introduced his AH and ESP, they were no longer
necessary, and were removed at the IETF in July 1994.  Indeed, one of
the rationales for separating AH and ESP was the ability to authenticate
these mobile registrations without encrypting, for the amateur packet
radio service (where encryption is prohibited).

Worse, this draft uses the "envelope method" MD5(key,data,key).  Other
methods are provably more secure, such as including the length of the
datagram to avoid appending attacks.

                                ----

Use of the "co-located care-of address" is a poor design option, and
should be removed (again).

In this model, the tunnel is from the Home Agent to the Mobile Node:

                     HA ====>R====>R====>FA====> MN

Yet, the last hop to the Mobile Node likely has the least bandwidth, and
therefore the burden of the larger tunneled datagram is most likely to
be a problem.  It also inhibits other bandwidth improvements, such as VJ
TCP header compression.

Instead, only the FA handled registrations should be used:

                     HA ====>R====>R====>FA----> MN

This would simplify the protocol implementation, remove the need for the
'R' bit negotiation, and remove one of the potential patent problems.

                                ----

The use of "nonces" is a poor design option, and should be removed
(again).

The only purpose for the nonces is to protect against an attacker that
can intercept and replace all traffic to and from the Foreign Agent.
Note that this requires more than just a "tap" at both places, but also
the ability to modify messages and retransmit:

                     HA ====>X====>FA====>X====> MN

This attack is so utterly improbable in a mobile network as to be
ludicrous.  The attack would become impossible if IP Security were used,
which would also remove one of the potential patent problems.

                                ----

In earlier drafts, there was no dependence on ARP, and no dependence on
knowing the subnet length of the networks.

The current design integrates ARP and subnet lengths as "options" for
link discovery and control.  These were explicitly rejected as control
mechanisms in earlier incarnations of the WG.

One of the reasons that this was rejected is the assumption of a
symmetric reachability path between the Agents and the Mobile Node.
All the world is not an ethernet, and these problems are very common in
mobile nets.

Worse, there appear to be conflicts when the Home Agent is not a router
in the path of the datagram, and when the Mobile Agent moves between
interfaces of a Home or Foreign Agent.

Instead, the router advertisements and link quality measurements should
be used exclusively to determine reachability of the Agents, as was
described in my earlier drafts.

                                ----

CONCLUSION:

This document is technically unable to advance to Proposed Standard.

It does not reflect the editorial care and technical accuracy given to
the original.

WSimpson@UMich.edu
    Key fingerprint =  17 40 5E 67 15 6F 31 26  DD 0D B9 9B 6A 15 2C 32
BSimpson@MorningStar.com
    Key fingerprint =  2E 07 23 03 C5 62 70 D3  59 B1 4F 5E 1D C2 C1 A2
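Added worked example for points A and C above (the keyed-MD5 "envelope" authentication extension and replay protection on registrations). This is editor-supplied illustration code, not code from the post's author or from the working group, and it assumes the Registration Request and Mobile-Home Authentication Extension layout of the published RFC 2002 (which draft-15 became): MD5(key || data || key) as the default authenticator, with HMAC-MD5 shown beside it as the construction RFC 3344 later adopted. The SPI, key, addresses, and the plain-integer timestamp in the Identification field are constructed for the demo; the replay check is a simplification of the RFC's timestamp method.

```python
"""Added worked example (not from the original post): a Mobile IP
Registration Request carrying a Mobile-Home Authentication Extension,
authenticated with the keyed-MD5 "prefix+suffix" (envelope) mode that
RFC 2002 made the default, plus HMAC-MD5 as the alternative construction
and a simplified timestamp replay check on the Identification field.
Message layout is assumed to match the published RFC 2002; the key,
addresses and timestamps are constructed for the demo."""
import hashlib
import hmac
import struct

REG_REQUEST = 1           # Registration Request message type
MH_AUTH_EXT = 32          # Mobile-Home Authentication Extension type
MD5_DIGEST_LEN = 16
AUTH_EXT_LEN = 2 + 4 + MD5_DIGEST_LEN   # Type, Length, SPI, Authenticator

# Constructed demo values. In a real deployment the SPI selects a
# mobility security association holding the key and algorithm.
SPI = 0x00001000
SHARED_KEY = b"constructed-demo-key-not-for-use"


def ip4(dotted):
    """Dotted-quad string to 4 network-order bytes."""
    return bytes(int(octet) for octet in dotted.split("."))


def build_request(home_addr, home_agent, care_of, lifetime, ident):
    """Fixed part of a Registration Request: Type, flags (all clear),
    Lifetime, Home Address, Home Agent, Care-of Address, 64-bit Identification."""
    return (struct.pack("!BBH", REG_REQUEST, 0, lifetime)
            + ip4(home_addr) + ip4(home_agent) + ip4(care_of)
            + struct.pack("!Q", ident))


def keyed_md5_envelope(key, data):
    """RFC 2002 default: MD5(key || data || key), the 'envelope' method."""
    return hashlib.md5(key + data + key).digest()


def hmac_md5(key, data):
    """HMAC-MD5 (RFC 2104), which RFC 3344 later made the default."""
    return hmac.new(key, data, hashlib.md5).digest()


def add_auth_ext(msg, spi, key, algo=keyed_md5_envelope):
    """Append the authentication extension. The authenticator covers the
    request, any preceding extensions, and this extension's Type/Length/SPI.
    Length is 4 (SPI) plus the authenticator size, as in RFC 2002."""
    header = struct.pack("!BBI", MH_AUTH_EXT, 4 + MD5_DIGEST_LEN, spi)
    return msg + header + algo(key, msg + header)


def verify(packet, key, algo=keyed_md5_envelope):
    """Home Agent side: recompute the authenticator and compare in constant time."""
    if len(packet) < AUTH_EXT_LEN:
        return False
    body, ext = packet[:-AUTH_EXT_LEN], packet[-AUTH_EXT_LEN:]
    ext_type, ext_len, _spi = struct.unpack("!BBI", ext[:6])
    if ext_type != MH_AUTH_EXT or ext_len != 4 + MD5_DIGEST_LEN:
        return False
    return hmac.compare_digest(algo(key, body + ext[:6]), ext[6:])


def identification_ok(ident, last_ident, now_secs, window=7):
    """Simplified timestamp replay protection on the Identification field:
    the high 32 bits carry seconds (plain integer here, NTP format in the
    RFC), must be within `window` seconds of the agent's clock, and the
    whole value must be strictly newer than the last one accepted."""
    secs = ident >> 32
    if abs(secs - now_secs) > window:
        return False
    return ident > last_ident


def demo():
    """Run the exchange: MN signs, HA verifies, then tampering and replay fail."""
    ident = (1000 << 32) | 1
    req = build_request("10.0.0.5", "10.0.0.1", "192.0.2.9", 300, ident)
    signed = add_auth_ext(req, SPI, SHARED_KEY)
    tampered = bytearray(signed)
    tampered[2] ^= 0x01                     # flip a bit in Lifetime
    return {
        "valid": verify(signed, SHARED_KEY),
        "tampered": verify(bytes(tampered), SHARED_KEY),
        "wrong_key": verify(signed, b"some-other-key"),
        "fresh": identification_ok(ident, 0, 1000),
        "replayed": identification_ok(ident, ident, 1000),
        "stale": identification_ok((900 << 32) | 1, 0, 1000),
    }


if __name__ == "__main__":
    print(demo())
```

Swapping `algo=hmac_md5` into `add_auth_ext` and `verify` shows that the wire format does not change between the two constructions; only the SPI's security association decides which one the Home Agent recomputes.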