IETF Logo Mail Archive

[IPsec] AD review of draft-ietf-ipsecme-ikev1-algo-to-historic-06

Roman Danyliw <rdd@cert.org> Fri, 15 July 2022 22:05 UTC

Return-Path: <rdd@cert.org>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9FF9DC157B55 for <ipsec@ietfa.amsl.com>; Fri, 15 Jul 2022 15:05:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.908
X-Spam-Level:
X-Spam-Status: No, score=-1.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=seicmu.onmicrosoft.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b3LGLsCPFAJI for <ipsec@ietfa.amsl.com>; Fri, 15 Jul 2022 15:05:50 -0700 (PDT)
Received: from USG02-CY1-obe.outbound.protection.office365.us (mail-cy1usg02on0124.outbound.protection.office365.us [23.103.209.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 899BCC157B36 for <ipsec@ietf.org>; Fri, 15 Jul 2022 15:05:48 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=BY6Qlj2iWMqdZTK7tsKup+VAh8ohAm8LAbEiC8SAZhuulHaVpYe28yvyHpCTQIfk5nttgjHkgakbF9ZaKDePDhUeizksW7Fm2tkJj20vtz0hQ40nuTIlmVmMeZSuo8hoM5lqOz4gEmzusL39qolf10mG/KUdhknhIH8odpRBn8G/nJnDGGYv39qJEt72+Hwuhf4jrNLPjdIIkoi3UtV0ygsATLdHzPV2Z80KVqg33376LqZV3KfGrWp+eDVLbCc255vDicY9kzzgsIV6reP4WQixP6evO5CBrZJqUGzv3aJUgjT7tG6ahVbdWSEzdd+i9S1923wVboxHcYBu/88HNQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=iz0dVv4QruWu3x+6gxWHYEiJLNqsTToo8zQEY6bb04Q=; b=VtNRcVd5vsDSpWiSNVTFANrwRuWQEJSRE5OIStut78DpSDpX3IS0mx8jEtvK8HlpQAoFsXLGhxbr7FobVL+oyju9hSg0H1Wb4/Gl6/D+H16TloxnEmylCsLYp6YtOqRThCGZx6SMukQ6OrYDontmaMxuCzxZzKhFgimUk+ZNInl9josgoN8NHfQsYJb/qSSJO9KWKN3LeXKnOnDdEJR167rpFo/yveWZyoVUj8KTIFNWBpagn0B4kiSxE0KHY+Q7Mg9l0UfAPBhUHcBwxbshCNOFG+yCY/5tmNw9k4Bn8wla35K5ZfuklV9smwXgGQ5O/uBZWzMrMK1lrJ7T3sdrCg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cert.org; dmarc=pass action=none header.from=cert.org; dkim=pass header.d=cert.org; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seicmu.onmicrosoft.com; s=selector1-seicmu-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=iz0dVv4QruWu3x+6gxWHYEiJLNqsTToo8zQEY6bb04Q=; b=BWwrTMpI3NKVQjT0ja3eeFrT6rHlhJsdESY99Z10Yvf8pUsWhmDPTeZ8mCms/0ryM5/+RPcJdOWMzfMJIkJq4J5ER6WqmkDc9GUvjXJtKPkB6TGOQlu/MkUgLAg4Im6uQWtNU21kzIeFyYBwWHlswXSh9jGF2uwv9j7QTr6TcHQ=
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:168::11) by BN2P110MB1059.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:168::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5417.26; Fri, 15 Jul 2022 22:05:39 +0000
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::61c5:afc3:7804:7d27]) by BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::61c5:afc3:7804:7d27%3]) with mapi id 15.20.5417.027; Fri, 15 Jul 2022 22:05:39 +0000
From: Roman Danyliw <rdd@cert.org>
To: "ipsec@ietf.org WG" <ipsec@ietf.org>
Thread-Topic: AD review of draft-ietf-ipsecme-ikev1-algo-to-historic-06
Thread-Index: AdiYld6YLiIU7dHvRziOSDmVi/zBaQ==
Date: Fri, 15 Jul 2022 22:05:39 +0000
Message-ID: <BN2P110MB1107B26385B3570CA30E4A22DC8B9@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cert.org;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 91f40898-92ab-46f9-f1e9-08da66ae2733
x-ms-traffictypediagnostic: BN2P110MB1059:EE_
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: vZycOAmtuL19Wjf9x60ko6Qr0CN2VK+ZrMMTYcmYIHwmQUdVag82LqV8DC2HRMg3uBcIfKODD9SXqLp2JAt+cPTmUhshO6BxgSm4MlUcIb2wksxrt1lmqDVKhLQW3fqpXsqBwXQ1MQpuQWCDhBmq5rB2DwUf3prY5zlqFZ9+Cfsp2d4YB/ZZGl9HXD24eT2+oUJ/sE/L4i9gq2j+pVgIHn9iZGcgu2lUVGOzQsdG3W1MYQLUegT3HHumGV2UxcQN4zLMK5o7BKp+Y6QiR96PaaMYnTY65jGnJw8EqOvWwfihfvVBTMg14/JvPwI5HIJ+Sw5IOJrnqm9rC5MKuerwPqz5cflUMPEY7GHdSqJWsc8SrzChhspFM3m7/sVucmPgAbWdbRIKLmtmb0//NNvH5kjs5zgzIa3F/bXsn+61T23MKqHd/pjL8f++re2dTkimQplKn7x3Zb2c9xsG9R2zNoA0uC4GyIdrA6fV/Mk9hstn8uQDjda3qvUj0sNIK6JCA8P9xikzNvvj6Qmwu5XVlnQUYco2TEJVEeeG/758jOyidY9Jp3E/ckksIjgbD62lDriNnv3e5ZuxRc7ujgd0NoFMZRxzVbgV5ctEOZbE/kHM+mSLfx82MpiFbcGWcJ072fsSpbxMgQLezwFXGSFUGMFDt33LNwDUTwcRwOk1NvBgRJyKuLvnHan12i90Sl0mPwij06e2ajHz61bUwxUWmBr6hQdvn/v4ME7iALbl2doHDAahq0wlUmtH1WgUycjJ
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230016)(366004)(38100700002)(9686003)(38070700005)(6506007)(7696005)(498600001)(186003)(26005)(82960400001)(55016003)(71200400001)(76116006)(66574015)(6916009)(966005)(86362001)(52536014)(5660300002)(66946007)(66476007)(8676002)(8936002)(66446008)(66556008)(2906002)(83380400001)(122000001)(33656002)(64756008); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: J6A3U41KL1r46/ABrC1tqVCZzYMdHaH1ZJdQgLriHKctQyUBbVQ1MKfYKufsI5Ey06WTl+besBZDA3+DaV1xR3BWZCNhCAEtzIg5P93MDp9UROrDokAnMCCS3pqEow/4ckOSXFn4yhgG9MkbIwcBJmjEGU1l3G/g/1lVUK0w4WUScwSClQSDU+ST3GbkMriD5cXDr7nfKldu4KS0YNIWL7c1j64FUj+Bw1BgvmfXjbwE99AO+vfbKHW+M+v0XvBh9N2OWQSjqjLnBASibdLS8sJJSUKeuOAlZAaiSEEbFnmrTuv5nIsOntMX6AuTucDtsabaf5s4SadBCFfw038r2mTRAsYiamItgBs+VOWW3eNApI36ZKEJr5bdPznFXaQlocdvyKxoSmlRWj7d5XR76/EVx71bgYXs2p4qUZRNSuI=
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: cert.org
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 91f40898-92ab-46f9-f1e9-08da66ae2733
X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Jul 2022 22:05:39.3780 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 95a9dce2-04f2-4043-995d-1ec3861911c6
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN2P110MB1059
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/yJRlacdjNIIgRFpaiRKJnKnbiXc>
Subject: [IPsec] AD review of draft-ietf-ipsecme-ikev1-algo-to-historic-06
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Jul 2022 22:05:55 -0000

Hi!

I performed an AD review of draft-ietf-ipsecme-ikev1-algo-to-historic-06.  Thanks for this work to formally move the community to IKEv2.

Based on the content of this document, I am assuming the WG intent is to follow option #3 of https://www.ietf.org/about/groups/iesg/statements/designating-rfcs-historic-2014-07-20/.  Please correct me if I have it wrong.  To repeat the salient parts of the process here, when this document goes to IETF LC, there will be a companion "status change document" which also will be sent to IETF LC.  That status change document will move RFC207/2408/2409 to historic status.  The IESG will need to ballot on both.

Below is my feedback.  Some of the editorial changes are to support the process described above.

** Abstract.  As this document is formally updating other documents, please state that in this section.  From idnits:

  -- The draft header indicates that this document updates RFC8247, but the
     abstract doesn't seem to mention this, which it should.

  -- The draft header indicates that this document updates RFC8221, but the
     abstract doesn't seem to mention this, which it should.

** Abstract.  To sync the language up with the status change document, please:

OLD
Internet Key Exchange version 1 (IKEv1) is deprecated.  

NEW
This document formally deprecates Internet Key Exchange version 1 (IKEv1).  Accordingly, RFC2407, RFC2408 and RFC2409 which specify IKEv1 are moved to Historic status.

** The document 

** Section 1.  As above.
OLD
IKEv1 has been moved to Historic status

NEW
This document formally deprecates Internet Key Exchange version 1 (IKEv1).  Accordingly, RFC2407, RFC2408 and RFC2409 which specify IKEv1 is moved to Historic status.

** Section 1.
   Algorithm implementation requirements and usage guidelines for IKEv2
   [RFC8247] and ESP/AH [RFC8221] gives guidance to implementors but
   limits that guidance to avoid broken or weak algorithms.  It does not
   deprecate algorithms that have aged and are not in use, but leave
   these algorithms in a state of "MAY be used".

I'm not following the text saying that "algorithms [are left] in a state of 'MAY be used'".  For example, the following Type 3 transforms are deprecated in Section 7 of this document: AUTH_HMAC_MD5_96, AUTH_DES_MAC and AUTH_KPDK_MD5.  However, Section 2.3 of RFC8247 seems very clear that AUTH_HMAC_MD5_96, AUTH_DES_MAC and AUTH_KPDK_MD5 are already "MUST NOT".  Where is the "MAY be used" flexibility coming from?

              +------------------------+----------+---------+
              | Name                   | Status   | Comment |
              +------------------------+----------+---------+
              | AUTH_HMAC_SHA2_256_128 | MUST     |         |
              | AUTH_HMAC_SHA2_512_256 | SHOULD   |         |
              | AUTH_HMAC_SHA1_96      | MUST-    |         |
              | AUTH_AES_XCBC_96       | SHOULD   | (IoT)   |
              | AUTH_HMAC_MD5_96       | MUST NOT |         |
              | AUTH_DES_MAC           | MUST NOT |         |
              | AUTH_KPDK_MD5          | MUST NOT |         |

** Section 1.  Explicitly state the update being made to RFC8247 and RFC8221.

OLD 
This document deprecates those algorithms that are no longer advised ...

NEW

This document deprecates those algorithms from RFC8247 and RFC8221 that are no longer advised ...

** Section 3.

   A number of IKEv1 systems have reached their End of Life

Is there a way to quantify that or support that claim?

** Section 3.  Please provide a reference for CVE-2016-5361.

** Section 3.

   IKEv1 configurations SHOULD NOT be directly
   translated to IKEv2 configurations without updating the cryptographic
   algorithms used

It seems odd to provide normative behavior for the technology that just got deprecated.  Consider rephrasing it to direct IKEv2 behavior.  Perhaps, "IKEv2 implementations SHOULD NOT directly import IKEv1 configurations without updating the cryptographic algorithms used."

** Section 5.  

   *  Encryption Algorithms: RC5, IDEA, CAST, Blowfish, and the
      unspecified 3IDEA, ENCR_DES_IV64 and ENCR_DES_IV32

   *  PRF Algorithms: the unspecified PRF_HMAC_TIGER

Is it "unspecified" or "unstandardized" or "registered"?

** Section 7.
   All entries not mentioned here should receive no value in the new
   Status field.

Did the WG discuss a non-empty value?

Thanks,
Roman

v2.23.0 | Report a Bug | By Email