Re: [IPsec] comments on draft-ietf-ipsecme-g-ikev2-07
Valery Smyslov <smyslov.ietf@gmail.com> Thu, 12 January 2023 14:42 UTC
Return-Path: <smyslov.ietf@gmail.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 906A8C14CE4C for <ipsec@ietfa.amsl.com>; Thu, 12 Jan 2023 06:42:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PBKS34wu_djv for <ipsec@ietfa.amsl.com>; Thu, 12 Jan 2023 06:42:18 -0800 (PST)
Received: from mail-lf1-x134.google.com (mail-lf1-x134.google.com [IPv6:2a00:1450:4864:20::134]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 51273C14CE2B for <ipsec@ietf.org>; Thu, 12 Jan 2023 06:42:18 -0800 (PST)
Received: by mail-lf1-x134.google.com with SMTP id f34so28700930lfv.10 for <ipsec@ietf.org>; Thu, 12 Jan 2023 06:42:18 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-language:thread-index:content-transfer-encoding :mime-version:message-id:date:subject:in-reply-to:references:cc:to :from:from:to:cc:subject:date:message-id:reply-to; bh=H11uyL5bNND/B9No1TGb2QrCdxSU6YfMbPUmuTYzgsA=; b=KJyfJN8AiFQabJJuqoLKgE7s/9fvzkJfuD0gBMY+jWG0PZGWjXlSoAI0HsgJSzI0CW Jyz0+EuG3FcvaZQrdCYTFD+bklcRiN7ZxueX8GGVf5ZYRmhzwzoGfEEa8AdsKF2bKk+Y xBCb32BB9A06miFrOp3AavkLRWYxJBbDz0RKMUXATCTZ5uhRU+S2EbGX7VNX3vbD8ct6 JbLM3xEm21iwESnmLb3DX3/dqk6MnPyYeWAUJsqbAPLFOERZQe6AH/721hhOBhqjA/sA 8zDpHEIzF8OjTzH2MnXnMOJEs8xojfI42uIVQc/9TQmh4F3Io9cwmuXTxdaYXs3rRbP0 VzUg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-language:thread-index:content-transfer-encoding :mime-version:message-id:date:subject:in-reply-to:references:cc:to :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=H11uyL5bNND/B9No1TGb2QrCdxSU6YfMbPUmuTYzgsA=; b=7UibhXWAYfOg0Bk+Qm5gT4AF0Ue5smwSfIKaUmKE1h024mK59jdmL4eIBKuHFrF67N hXfoMq/LZRdwdPqSR5UT5191rOoGG7XIi8IcEf8XnPT/vWTLrTyFTVoOLq5BW8v14heB iGSHPtajYfEOQPR/wQb9AErl7fKEQBzSUtS11bixohtLQ8348K9/TR92rZGfvfYdk6px Cl3JHZkGKAVgq7fxxhTmVSHokQx3TyJv/0NRXwlCLZa2GU3gCzxDOjF0/TZm7Z6CAHoT jYrm3bQAsOpo37ojOo6lxhzpP4f3y9yhb3eMV3tpLtGxUNqPS8Frun2u97PusoWJDIAa EPkg==
X-Gm-Message-State: AFqh2kqu5I3pW0eHQW4a9x5ddd5fGQDnFETWHZMHxGlu2GVPeVRkyqeu qZsPLXZ02OOfQ3IEAxsUUxk=
X-Google-Smtp-Source: AMrXdXvJFRpl5ODu7zdDixl3Q34PZim3hn/veIJKkM5RwBCW153+luKZ+zuqYzP9BSGUlDU+qy3P6w==
X-Received: by 2002:a05:6512:234a:b0:4cc:a19a:7a1b with SMTP id p10-20020a056512234a00b004cca19a7a1bmr887443lfu.65.1673534536049; Thu, 12 Jan 2023 06:42:16 -0800 (PST)
Received: from buildpc ([93.188.44.204]) by smtp.gmail.com with ESMTPSA id f23-20020ac25337000000b004b55ddeb7e3sm3298185lfh.309.2023.01.12.06.42.15 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 12 Jan 2023 06:42:15 -0800 (PST)
From: Valery Smyslov <smyslov.ietf@gmail.com>
To: 'Paul Wouters' <paul@nohats.ca>
Cc: ipsec@ietf.org, bew.stds@gmail.com
References: <072c01d9268f$18950b20$49bf2160$@gmail.com> <1621D707-8BA2-4E04-AB96-C140763674DB@nohats.ca>
In-Reply-To: <1621D707-8BA2-4E04-AB96-C140763674DB@nohats.ca>
Date: Thu, 12 Jan 2023 17:42:16 +0300
Message-ID: <072d01d92694$117ed3c0$347c7b40$@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQJwvtQAyDaSN67S66T5WvYC/jftuQJe3MExrViskRA=
Content-Language: ru
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/1Q1MPummuqpUtHKAK60gNq9F5fw>
Subject: Re: [IPsec] comments on draft-ietf-ipsecme-g-ikev2-07
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Jan 2023 14:42:20 -0000
> > Unless I'm missing something, it's not immediately clear for me how you want > > to use HPKE here. Can you clarify? > > Similar to how MLS is using it to (re)generate the keys for the binary tree. They addressed the same > problem of having a group and members joining and leaving and ensuring left members can’t decrypt > new messages anymore. It seems to me taht the requirements for MLS and G-IKEv2 are a bit different. In G-IKEv2 (or generally in GDOI architecture) we have a group controller, which have a complete view of the group (it manages membership and generates and distributes all the multicast keys). Generally speaking, the controller may be out of the group (i.e. it may have no data to send to the members or to receive from them other than multicast keys). In my understanding in MLS there is no such a controller, the group is managed by its members and the keys are constantly updated by all members. In other words, in G-IKEv2 group management and key distribution is centralized, which is not the case for MLS. I didn't look into MLS deeply, but it seems to me that it is more suitable for low-bandwidth communications (like group chat), while G-IKEv2 approach is more appropriate for high-speed communications (e.g. live broadcasting). And you may want to know that there is a mechanism in G-IKEv2 that allows excluding group members (so that they cannot decrypt multicast data anymore) using only multicast messages (yes!). It is called LKH (Logical Key Hierarchy) and is currently a part of G-IKEv2 document. Such mechanisms are pluggable, more can be defined in future. Regards, Valery.
- [IPsec] comments on draft-ietf-ipsecme-g-ikev2-07 Michael Richardson
- Re: [IPsec] comments on draft-ietf-ipsecme-g-ikev… Valery Smyslov
- Re: [IPsec] comments on draft-ietf-ipsecme-g-ikev… Michael Richardson
- Re: [IPsec] comments on draft-ietf-ipsecme-g-ikev… Valery Smyslov
- Re: [IPsec] comments on draft-ietf-ipsecme-g-ikev… Michael Richardson
- Re: [IPsec] comments on draft-ietf-ipsecme-g-ikev… Valery Smyslov
- Re: [IPsec] comments on draft-ietf-ipsecme-g-ikev… Michael Richardson
- Re: [IPsec] comments on draft-ietf-ipsecme-g-ikev… Valery Smyslov
- Re: [IPsec] comments on draft-ietf-ipsecme-g-ikev… Paul Wouters
- Re: [IPsec] comments on draft-ietf-ipsecme-g-ikev… Valery Smyslov
- Re: [IPsec] comments on draft-ietf-ipsecme-g-ikev… Valery Smyslov
- Re: [IPsec] comments on draft-ietf-ipsecme-g-ikev… Paul Wouters