Re: [IPsec] draft-ietf-ipsecme-ikev2-sa-ts-payloads-opt-01 update
Tobias Brunner <tobias@strongswan.org> Tue, 25 July 2023 07:19 UTC
Return-Path: <tobias@strongswan.org>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 14B00C1522DB for <ipsec@ietfa.amsl.com>; Tue, 25 Jul 2023 00:19:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.098
X-Spam-Level:
X-Spam-Status: No, score=-7.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=strongswan.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y1IP0hwxz603 for <ipsec@ietfa.amsl.com>; Tue, 25 Jul 2023 00:18:58 -0700 (PDT)
Received: from mail.codelabs.ch (mail.codelabs.ch [IPv6:2a02:168:860f:1::35]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B2A83C15154A for <ipsec@ietf.org>; Tue, 25 Jul 2023 00:18:58 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.codelabs.ch (Postfix) with ESMTP id E58475A0002; Tue, 25 Jul 2023 09:18:54 +0200 (CEST)
Received: from mail.codelabs.ch ([127.0.0.1]) by localhost (fenrir.codelabs.ch [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eQDTqVTuU_il; Tue, 25 Jul 2023 09:18:53 +0200 (CEST)
Received: from [IPV6:2a01:8b81:5400:f500:ccb2:fd81:6c30:e293] (unknown [IPv6:2a01:8b81:5400:f500:ccb2:fd81:6c30:e293]) by mail.codelabs.ch (Postfix) with ESMTPSA id 869A85A0001; Tue, 25 Jul 2023 09:18:53 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=strongswan.org; s=default; t=1690269533; bh=fowB+ka92LTt4JqxYQguRBDtWG/Y8k9gNY3qVJuaNDU=; h=Date:To:Cc:References:From:Subject:In-Reply-To:From; b=PK3FJ8Ik0jy0l5lcyaF6UJ5/0+7iO4v8s/beE4EcD/92NqAUJE2r3I8hHHcIR84At sbWfjhUnOVRP9P1h4Nm9ybD6l3uJ6FcZ5T8OxPXMDKGkUhiQdgLjE8a60kpDOvxbLG iCFBFU347KkRzttYC9FVGjh5dh46VAGIkNGgQP+qtUH4aPqYbk2b98GGUyM6jUwBbD r2N8yqJjmXuSrcSpryR2Cj8+pi0ONH0BeTH1yDvbOHYgFXNFXMqdIrMbXJSSphZjuf X6We1QjPR+J/wY11+7aRJ7omA0sKuHXTProeZ9cFx4z6noD+bsURAyIkKoHDfX26cF XEIFZjS2pZdcA==
Message-ID: <e896d113-5616-3e4e-bba4-fcdac136916a@strongswan.org>
Date: Tue, 25 Jul 2023 09:18:53 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.13.0
To: Tero Kivinen <kivinen@iki.fi>
Cc: Paul Wouters <paul@nohats.ca>, "ipsec@ietf.org WG" <ipsec@ietf.org>
References: <85a82884-feb3-48a7-5d43-509d7ee7fddb@nohats.ca> <e16c2b8e-a33f-4c36-e2df-94eab2cd9a2f@strongswan.org> <718511a9-a593-d832-dff7-669d5c3b9e7b@nohats.ca> <f6d53207-5895-8e27-a4fa-678fb1913621@strongswan.org> <25790.39211.656098.702869@fireball.acr.fi>
Content-Language: en-US, de-CH-frami
From: Tobias Brunner <tobias@strongswan.org>
In-Reply-To: <25790.39211.656098.702869@fireball.acr.fi>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/Ey2Kpj25l3APD37626ZHP81a2js>
Subject: Re: [IPsec] draft-ietf-ipsecme-ikev2-sa-ts-payloads-opt-01 update
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Jul 2023 07:19:04 -0000
Hi Tero, >> It already states in section 3: "Non-optimized, regular rekey requests >> MUST always be accepted." > ... >> So you're saying some configs, that are valid for regular IKEv2, will >> just not work with this extension? And we'll only know once there is > > Combining those two, I think this is fine. I.e., this is optimization > and it does NOT NEED to optimize every single possible configuration. > We can clearly state that if you are using certain configurations you > can't use this optimization, and have to fall back to normal rekey. > > For example we could say that if you are negotiating multiple > protocols (AH + ESP or ESP + IPCOMP), or if you are using anything > else than one single KE algorithm for create child sa, you need to use > regular rekey. While there might be configurations that prevent this extension from working at all (but I think e.g. with IPComp sending the CPI with the regular IPCOMP_SUPPORTED notify in the optimized rekeying exchange should be fine), I think, with regards to key exchanges, a regular rekeying is really only necessary the first time the initial Child SA is rekeyed. For all other Child SAs it's perfectly fine to use optimized rekeyings because their proposals were negotiated with a regular CREATE_CHILD_SA exchange. >> The only way to avoid that would be the extension either making >> childless IKE SAs mandatory, or strictly prohibiting inconsistent KE >> configs between IKE and Child SAs, taking away quite a bit of >> flexibility IKEv2 offers. > > You do not need to make childless IKE SA mandatory, you simply need to > do first rekey after initial sa creation using normal rekey, and if > that normal rekey has SA/KE payloads that are acceptable for the > optimized rekey in the future, then you can use optimized rekeys in > the future. That's exactly what I'm proposing. Make it *mandatory* that the first rekeying of the Child SA that's created with IKE_AUTH is a regular one. Because if that's not the case, it might be impossible for a responder to deduce what the initiator's proposal is. All further rekeyings of that Child SA can be optimized afterwards. Regards, Tobias
- [IPsec] draft-ietf-ipsecme-ikev2-sa-ts-payloads-o… Paul Wouters
- Re: [IPsec] draft-ietf-ipsecme-ikev2-sa-ts-payloa… Tobias Brunner
- Re: [IPsec] draft-ietf-ipsecme-ikev2-sa-ts-payloa… Paul Wouters
- Re: [IPsec] draft-ietf-ipsecme-ikev2-sa-ts-payloa… Tobias Brunner
- Re: [IPsec] draft-ietf-ipsecme-ikev2-sa-ts-payloa… Tero Kivinen
- Re: [IPsec] draft-ietf-ipsecme-ikev2-sa-ts-payloa… Tobias Brunner
- Re: [IPsec] draft-ietf-ipsecme-ikev2-sa-ts-payloa… Paul Wouters
- Re: [IPsec] draft-ietf-ipsecme-ikev2-sa-ts-payloa… Valery Smyslov
- Re: [IPsec] draft-ietf-ipsecme-ikev2-sa-ts-payloa… Tobias Brunner