Re: [IPsec] Charter review
"Dan Harkins" <dharkins@lounge.org> Fri, 07 November 2014 14:08 UTC
Return-Path: <dharkins@lounge.org>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9774C1AD021 for <ipsec@ietfa.amsl.com>; Fri, 7 Nov 2014 06:08:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.867
X-Spam-Level:
X-Spam-Status: No, score=-3.867 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WzuMYVPb38Af for <ipsec@ietfa.amsl.com>; Fri, 7 Nov 2014 06:08:20 -0800 (PST)
Received: from colo.trepanning.net (colo.trepanning.net [69.55.226.174]) by ietfa.amsl.com (Postfix) with ESMTP id 1CF1E1AD01C for <ipsec@ietf.org>; Fri, 7 Nov 2014 06:08:20 -0800 (PST)
Received: from www.trepanning.net (localhost [127.0.0.1]) by colo.trepanning.net (Postfix) with ESMTP id A5D2810224008; Fri, 7 Nov 2014 06:08:19 -0800 (PST)
Received: from 66.140.241.100 (SquirrelMail authenticated user dharkins@lounge.org) by www.trepanning.net with HTTP; Fri, 7 Nov 2014 06:08:19 -0800 (PST)
Message-ID: <e78f45de3ff83cce581381d8438daaee.squirrel@www.trepanning.net>
In-Reply-To: <545C7CCC.9030402@gmail.com>
References: <CAHbuEH6OfTnizY+jVh=gOim0drtBq+XAxObq-X67A4_9o64O6A@mail.gmail.com> <6B331BE7-5972-48FC-9DFD-BA92222F938D@cisco.com> <9bb29bdb72d4710b6960d898420152b8.squirrel@www.trepanning.net> <545C7CCC.9030402@gmail.com>
Date: Fri, 07 Nov 2014 06:08:19 -0800
From: Dan Harkins <dharkins@lounge.org>
To: Yaron Sheffer <yaronf.ietf@gmail.com>
User-Agent: SquirrelMail/1.4.14 [SVN]
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Archived-At: http://mailarchive.ietf.org/arch/msg/ipsec/AFq7EpssNR96LpnBJtxrMscQG_c
Cc: "ipsec@ietf.org" <ipsec@ietf.org>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, Brian Weis <bew@cisco.com>, Dan Harkins <dharkins@lounge.org>
Subject: Re: [IPsec] Charter review
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Nov 2014 14:08:22 -0000
On Fri, November 7, 2014 12:03 am, Yaron Sheffer wrote: > <hats off> > > Regarding formal security proofs, I strongly disagree. > > The current wording is extremely mild. It does not require an actual > security proof (which would not be realistic), but says "The solution > should be in line with current best practices, including ... possible > formal protocol security proofs." > > This to me means that people have looked at the modified protocol and > can say that the new stuff does not inhibit such a security proof in the > future, and that we formally understand the security properties that are > supposed to be provided by the protocol. > > We are making a major change to IKE, and as much as I care about its > goals, we should try to do it right. Relying on "the security afforded > by DH" is not easy when in the real world, both peers might be reusing > exponents and/or using too short DH groups. This "major change" is to remove authentication. Peers reusing exponents is already entirely permissible in IKE. Authenticating a reused exponent does not change the problem caused by reusing an exponent. I don't even know what "too short DH groups" are but if you can do it in IKE with authentication then what's the issue that is introduced when you take away authentication? I welcome the new interest in formal security proofs in the IETF but I don't think this particular charter change compels one. regards, Dan.
- Re: [IPsec] Charter review Paul Wouters
- [IPsec] Charter review Kathleen Moriarty
- Re: [IPsec] Charter review Paul Hoffman
- Re: [IPsec] Charter review Michael Richardson
- Re: [IPsec] Charter review Brian Weis
- Re: [IPsec] Charter review Dan Harkins
- Re: [IPsec] Charter review Paul Wouters
- Re: [IPsec] Charter review Yaron Sheffer
- Re: [IPsec] Charter review Dan Harkins