Re: [ippm] Reply: I-D Action: draft-ietf-ippm-ipsec-02.txt

John Mattsson <john.mattsson@ericsson.com> Mon, 03 March 2014 12:49 UTC

From: John Mattsson <john.mattsson@ericsson.com>
To: "Zhanglijia (A)" <emma.zhanglijia@huawei.com>, "ippm@ietf.org" <ippm@ietf.org>
Date: Mon, 03 Mar 2014 12:49:19 +0000
Message-ID: <CF3A1A1D.EC88%john.mattsson@ericsson.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/ippm/DGtKFUkwBMhW-B_H4nM3hwXKHy4
Subject: Re: [ippm] Reply: I-D Action: draft-ietf-ippm-ipsec-02.txt
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>

Thanks Emma!

See my follow up comments below.

A comment on the upcoming WGLC: If the key derivation is specified to
allow interoperability and text explaining "unauthenticated *WAMP through
an IPsec tunnel" is reinstated in Section 4, then I would be quite ok with
the document and sending it on to IETF last call and IESG.

Cheers
John


- [Section 1]
Maybe an explanation of or reference to eNB and SeGW

  [Emma]: Both eNB and SeGW support certificate mode and IKEv2. Provisioning
a shared secret for them will waste time and add complexity. Deriving a
shared key from the IKE SA fits a use case like that.

John: I know that, but I do not think the average IETF:er knows. I think
you should add a reference to an appropriate 3GPP document or at least an
explanation that eNB and SeGW are 3GPP LTE nodes.



- [Section 4.1]
“ The shared secret key can be generated as follows:
      Shared secret key = PRF{ SKEYSEED, "IPPM" }
“
Even if the IPsec APIs are proprietary, I do not think that the key
derivation can be in a draft that aims to be standards track.
Unless the key derivation is defined, different implementations won’t be
compatible.
Encoding of “IPPM” should probably be defined.
You probably mean prf() (with ordinary brackets)

  [Emma]: Thanks for this comment. Yes, it means prf() (with ordinary
brackets) and
the string "IPPM" is ASCII characters.


John: Good, but you did not comment on the important thing, whether the
secret key generation should be specified. In my opinion the text should
be
"The shared secret key SHALL be generated as follows:"


- [General]
I think the list (in this case Alfred Morton and me) was quite clear that
unauthenticated *WAMP through an IPsec tunnel
was an attractive solution that should be better described. As explained
by Alfred Morton:
“I'll keep reading, but I'm beginning to wonder if setting up an IPsec
tunnel and setting up *WAMP Control and Test protocols
to transfer through the tunnel (unauthenticated so as not to waste
processing on redundant security) is the solution?  But what about the
deployment of IPsec in LTE networks: If a tunnel is established
automatically for any data transfer, the *WAMP could be
viewed as typical user traffic inside an existing tunnel.”
While this is now mentioned briefly in the introduction, the text sections
describing the security properties when sending
*WAMP over AH or ESP have instead been removed. These should be reinstated,
preferably in a separate subsection in section 4.

[Emma]: I agree that unauthenticated *WAMP through
an IPsec tunnel can be one option. However, as we mentioned before, the
draft mainly focuses on how to derive a shared key from the IKE SA to achieve
automatic key management and how to extend the *WAMP protocol to support that.
So this is mentioned briefly in the draft.
We can consider adding some text about it in the next version.

John: Well, for working group documents it's the list that decides the
focus and the topic "Network Performance Measurement for IPsec" is quite
general (which I think it should be).
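
The Section 4.1 exchange above turns on whether "Shared secret key = prf(SKEYSEED, "IPPM")" is a normative derivation or a sketch. The following is an added example, not text or code from the draft or from either participant: it implements the derivation under the assumptions that prf is the PRF negotiated for the IKE SA (HMAC-based PRFs from RFC 7296), that the label "IPPM" is ASCII, and that a key longer than one PRF output is obtained with RFC 7296's prf+ construction. The SKEYSEED value is constructed for the demonstration. It shows concretely why John's point matters: two peers holding the same SKEYSEED only derive the same *WAMP key if the PRF, the label encoding and the expansion rule are all pinned down.

```python
import hashlib
import hmac

# IKEv2 PRF transforms (RFC 7296 / IANA registry names) mapped to their hash.
# Assumption (not stated in the draft): the *WAMP key derivation reuses the
# PRF that IKEv2 negotiated for the IKE SA.
IKEV2_PRFS = {
    "PRF_HMAC_SHA1": hashlib.sha1,
    "PRF_HMAC_SHA2_256": hashlib.sha256,
    "PRF_HMAC_SHA2_512": hashlib.sha512,
}

# Constructed 32-byte SKEYSEED standing in for the value both IKE peers
# computed in the real exchange; not taken from any real session.
SKEYSEED = bytes(range(0x10, 0x30))


def prf(prf_name, key, data):
    """prf(K, S) as used by IKEv2: HMAC with the negotiated hash."""
    return hmac.new(key, data, IKEV2_PRFS[prf_name]).digest()


def prf_plus(prf_name, key, seed, length):
    """prf+ from RFC 7296 section 2.13:
    T1 = prf(K, S | 0x01), Tn = prf(K, Tn-1 | S | n), output T1 | T2 | ...
    Used here (assumption) when *WAMP needs more key than one PRF output."""
    out = b""
    t = b""
    n = 1
    while len(out) < length:
        if n > 255:
            raise ValueError("prf+ is limited to 255 iterations")
        t = prf(prf_name, key, t + seed + bytes([n]))
        out += t
        n += 1
    return out[:length]


def derive_wamp_key(skeyseed, prf_name, label=b"IPPM", length=None):
    """Derive the *WAMP shared secret from SKEYSEED.

    With length=None this is exactly the draft's prf(SKEYSEED, "IPPM").
    With an explicit length it expands via prf+ to that many bytes.
    """
    if length is None:
        return prf(prf_name, skeyseed, label)
    return prf_plus(prf_name, skeyseed, label, length)


def peers_agree(prf_a, label_a, prf_b, label_b, length=None):
    """Model two *WAMP endpoints that share SKEYSEED but may have made
    different local choices about PRF and label encoding."""
    key_a = derive_wamp_key(SKEYSEED, prf_a, label_a, length)
    key_b = derive_wamp_key(SKEYSEED, prf_b, label_b, length)
    return key_a == key_b


if __name__ == "__main__":
    # Same PRF, same ASCII label: interoperable.
    print(peers_agree("PRF_HMAC_SHA2_256", b"IPPM",
                      "PRF_HMAC_SHA2_256", b"IPPM"))
    # One side picks HMAC-SHA1, the other HMAC-SHA2-256: keys differ.
    print(peers_agree("PRF_HMAC_SHA1", b"IPPM",
                      "PRF_HMAC_SHA2_256", b"IPPM"))
    # Same PRF but "IPPM" encoded as UTF-16 on one side: keys differ.
    print(peers_agree("PRF_HMAC_SHA2_256", b"IPPM",
                      "PRF_HMAC_SHA2_256", "IPPM".encode("utf-16-le")))
```

The three calls at the bottom print True, False, False: the draft's formula is only an interoperable specification once the PRF identity, the octet encoding of the label and the handling of key lengths larger than one PRF output are stated as normative ("SHALL") rather than illustrative ("can be").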