Re: [IPsec] Martin Duke's No Objection on draft-ietf-ipsecme-ikev2-intermediate-09: (with COMMENT)
Martin Duke <martin.h.duke@gmail.com> Wed, 02 March 2022 22:09 UTC
Return-Path: <martin.h.duke@gmail.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 296BE3A0B0C; Wed, 2 Mar 2022 14:09:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mD68KGJAGkkB; Wed, 2 Mar 2022 14:09:22 -0800 (PST)
Received: from mail-vs1-xe2c.google.com (mail-vs1-xe2c.google.com [IPv6:2607:f8b0:4864:20::e2c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CD7E73A0AE2; Wed, 2 Mar 2022 14:09:21 -0800 (PST)
Received: by mail-vs1-xe2c.google.com with SMTP id q9so3502597vsg.2; Wed, 02 Mar 2022 14:09:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=HbkQEoyLUIPlQ9yXr6d1K202Bt/N3fg7SEr81YjrgzI=; b=phfXnpCT2xagEj5Pr7wHLQKDKxc9LjJ8X5chwv3JsbZrwwcf5AdVeD6k9znxl4OwGG htTMdAL4rk9otB9gcSKu2lGnQCJLQfpeprQ8qgx7Y0CbL8Gyuf1qsF1BwR6STcT4bcBj ifXmquum0r6OikickA831LSZdtX1HltEFg5dN2ykgcbS57ekAkELoAwvfUvFsjBLfJcg ttY5Trp75ugTMSX6f2wkrLftZjUsdKP57tnhjZboM/lzKOOuORRfW0pLgXFjarTxnnTH xRnj6UpQKp/EdORFHFWAYkqzcs3VFCPxJoul4SiNeOz3yy7H09UsdM7CyErQQtPsXmOf VxrQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=HbkQEoyLUIPlQ9yXr6d1K202Bt/N3fg7SEr81YjrgzI=; b=eDyeWYnqC5zLTBYZCtOuCo+pal0rQdSQaCNZlvrClUDlNeNLAtQ/i7QiCJu4L0Lz3+ gusEyVtRd08V/vYpBAigN1YWCzZgbcYy3BIaN1gBAq30tYax9m6ew8MSt1cvM53nFL2I Xv9SYIxgPXOYtCNSMrjKGbUab2V8J1ohTTdmdPo03lxO0jCeLjT1hJbfWx17fm86jWL1 3RjhU5zil8/Uvx1bpeROraFx4PzGDSHQaAqb3kfoZsmh/t8cYlCroLBdajIKiD1zj/b6 VigLGrNUGqDRFAjHnby3LeKGbSmZyDuv8il33S4dbfWhKwU3RKvEcVQWitx2lAGwVQqC xB2Q==
X-Gm-Message-State: AOAM532PKk7oERufQZ9/ad41hDc/kG1InXZxiyt0tJiCQKf4wftqs12q GPR3rhO4o9509NaJPiksY3jJ44jgsFhVIKRnvwoHQzl4
X-Google-Smtp-Source: ABdhPJxzVpt9KkP8NEJqYKmTpWrPOIRDSb+uVK6BkdNWjYpuTl7Su0uC3UmGsNft4VliOp6i6Az0Y7QJb3LC7b+ET2A=
X-Received: by 2002:a05:6102:3eca:b0:31b:bab5:b42d with SMTP id n10-20020a0561023eca00b0031bbab5b42dmr14683825vsv.43.1646258960123; Wed, 02 Mar 2022 14:09:20 -0800 (PST)
MIME-Version: 1.0
References: <164625223564.17953.1128366395669864994@ietfa.amsl.com> <006701d82e7c$2ea5f480$8bf1dd80$@elvis.ru>
In-Reply-To: <006701d82e7c$2ea5f480$8bf1dd80$@elvis.ru>
From: Martin Duke <martin.h.duke@gmail.com>
Date: Wed, 02 Mar 2022 14:09:07 -0800
Message-ID: <CAM4esxT-xsoB5FwQS=j38nT4bpOsSMT0OSX7M21CaNjnavnRLA@mail.gmail.com>
To: Valery Smyslov <svan@elvis.ru>
Cc: The IESG <iesg@ietf.org>, draft-ietf-ipsecme-ikev2-intermediate@ietf.org, ipsecme-chairs@ietf.org, ipsec@ietf.org, ynir.ietf@gmail.com
Content-Type: multipart/alternative; boundary="00000000000086cb7e05d94388a5"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/HWQlnD85L-rh_ofOd8R-VcC5TCc>
Subject: Re: [IPsec] Martin Duke's No Objection on draft-ietf-ipsecme-ikev2-intermediate-09: (with COMMENT)
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Mar 2022 22:09:27 -0000
For the proposed text, I would prefer something normative but if you think that's unwise I'll accept your proposal. Otherwise, your responses look great! Thanks! On Wed, Mar 2, 2022 at 1:26 PM Valery Smyslov <svan@elvis.ru> wrote: > Hi Martin, > > thank you for your comments. > > > Martin Duke has entered the following ballot position for > > draft-ietf-ipsecme-ikev2-intermediate-09: No Objection > > > > When responding, please keep the subject line intact and reply to all > > email addresses included in the To and CC lines. (Feel free to cut this > > introductory paragraph, however.) > > > > > > Please refer to > > https://www.ietf.org/about/groups/iesg/statements/handling-ballot- > > positions/ > > for more information about how to handle DISCUSS and COMMENT > > positions. > > > > > > The document, along with other ballot positions, can be found here: > > https://datatracker.ietf.org/doc/draft-ietf-ipsecme-ikev2-intermediate/ > > > > > > > > ---------------------------------------------------------------------- > > COMMENT: > > ---------------------------------------------------------------------- > > > > (3.2) "Implementations MUST verify that Message IDs in the > > IKE_INTERMEDIATE > > messages [increment by 1]". Or what? In any case, isn't this fully > enforced > > by > > the WINDOW_SIZE parameter in Sec 2.3 of RFC 7296? That is, if > > WINDOW_SIZE == 1, > > any message that doesn't increment by 1 will simply be ignored. If > > WINDOW_SIZE > > > 1, receiving an increment > 1 is in fact legal (due to packet loss) > but the > > window will not advance until all IDs are received? > > Your understanding is correct. These requirements are in RFC 7296 > and may look redundant in this document. While it is not a good > practice to repeat requirements from another document, > it is done here for the purpose of bringing readers' attention > to them, because for this particular exchange they are crucial > for security. The way IKE_INTERMEDIATE exchanges > are authenticated implies that chunks of data fed into the prf > be in the order these exchanges took place. > > Scott Fluhrer suggested to reinforce the requirement to check > Message ID in the draft (quoting his private e-mail with his permission): > > "... we need to be careful about Message ID handling; what we want to > prevent is an attacker resending > a previous encrypted IKE Intermediate message, and confusing things (which > plausibly could happen > if there were a large number of IKE intermediate exchanges, and the sides > don't track all the message IDs > that they've seen already). I would suggest that the draft state that the > responder MUST verify that > the message IDs received are increasing (or is that inferable from the IKE > RFC?)." > > So, while it is basically repetition of what RFC 7296 says, it was decided > to reiterate these requirement due to their importance for security. > > > (5) The security considerations hint at it with all the DoS talk, but it > would > > be valuable to place some limits on the kind of information that can be > > contained in IKE_INTERMEDIATE and how it is processed. The document > > doesn't > > appear to explicitly restrict these messages to overflow from IKE_SA_INIT > > messages, so if an extension sends e.g. user data in these what are the > > implications? I'd suggest that applications not process such data until > AUTH > > exchange is complete. > > This document defines only the IKE_INTERMEDIATE exchange itself. > It is expected that other documents will define its application > and the types of data it contains. > > That said, I agree that IKE_INTERMEDIATE must only be used > in those cases, when the data transferred needs to be processed > before (or in) IKE_AUTH. So, it's not for transferring user data > (and I hope no specification will use it for this purpose). > > I can add something like this: > > It is expected that the IKE_INTERMEDIATE exchange will > only be used for transferring data that is needed to establish IKE SA > and not for data that can be send later when this SA is established. > > Is it OK? > > > While I am not particularly happy with solely using the WINDOW_SIZE > > mechanism > > to regulate the amount of data in flight, IMO that is an issue with RFC > 7296 > > and not this document. > > Indeed. > > Thank you! > > Regards, > Valery. > >
- [IPsec] Martin Duke's No Objection on draft-ietf-… Martin Duke via Datatracker
- Re: [IPsec] Martin Duke's No Objection on draft-i… Valery Smyslov
- Re: [IPsec] Martin Duke's No Objection on draft-i… Martin Duke
- Re: [IPsec] Martin Duke's No Objection on draft-i… Valery Smyslov
- Re: [IPsec] Martin Duke's No Objection on draft-i… Martin Duke