Re: AH (without ESP) on a secure gateway

mckenney@mitre.org (Brian McKenney) Wed, 04 December 1996 14:02 UTC

Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id JAA26254 for ipsec-outgoing; Wed, 4 Dec 1996 09:02:39 -0500 (EST)
Date: Wed, 04 Dec 1996 09:02:40 -0500
X-Sender: mckenney@smiley.mitre.org
Message-Id: <v01510101aecae55b0c59@[128.29.140.130]>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
To: Steven Bellovin <smb@research.att.com>
From: mckenney@mitre.org
Subject: Re: AH (without ESP) on a secure gateway
Cc: ipsec@tis.com
Sender: owner-ipsec@ex.tis.com
Precedence: bulk

>It's very clear to me that firewall-to-firewall IPSEC -- whether it's
>ESP or AH -- should be done *only* in tunnel mode.  To do otherwise
>is inviting trouble.  In fact, I had thought that was what was done --
>no other possibility had occurred to me.

This is more an implementation issue than a standards issue.  If you
have an IPSEC-compliant firewall, then ESP Transport Mode could be used for
firewall-to-firewall encryption.  Vendors should note in their
documentation the possible problems and issues with this mode for
firewall-to-firewall communications.  The documentation should address
threat environments, likelihood of threats, and whether some threats go
away with certain transforms.  Maybe Section 5.1, Use with Firewalls (in
Security Architecture for the Internet Protocol), should provide a
discussion of this issue.  Your concerns also apply to desktop-to-desktop
IPSEC.

An example of standard vs. implementation is key management.  The standard
notes that manual key management can be performed.  I remember reading one
vendor manual that provides a warning that you should not communicate SA
attributes over a cordless telephone.  This is completely outside the scope
of the standard.

   -Brian
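The following is an added example, not part of Brian's message or of any vendor's implementation. It is a toy model of a security gateway receiving AH-protected packets in tunnel mode and in transport mode, built on the one rule the Security Architecture document (RFC 1825) gives for inbound processing: the SA is selected by the packet's destination address plus the SPI. The AH integrity check is simplified to an HMAC over the immutable header fields, the SPI and the payload; the gateway addresses, host networks, SPIs and key are constructed for the demo. The point it shows is the implementation wrinkle behind the transport-mode question: between two gateways, a transport-mode packet's destination is the end host, not the gateway, so the receiving firewall either has no SA to match or has to install an entry per internal destination, whereas in tunnel mode the outer header names the gateway and the inner header is still authenticated and can be checked against policy.

```python
# Added example (not from the original message): toy AH processing on a
# security gateway, comparing tunnel mode with transport mode between
# gateways. Addresses, SPIs and the key below are constructed for the demo.
import hashlib
import hmac
import ipaddress
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    spi: Optional[int]        # None: no AH header present
    icv: Optional[bytes]
    payload: bytes            # in tunnel mode: the whole encapsulated inner packet


def ah_icv(key: bytes, src: str, dst: str, spi: int, payload: bytes) -> bytes:
    """Simplified AH ICV: HMAC over the immutable header fields, SPI and payload."""
    msg = f"{src}>{dst}|{spi}|".encode() + payload
    return hmac.new(key, msg, hashlib.sha256).digest()


def encapsulate(inner: Packet) -> bytes:
    """Tunnel mode: the original packet, header included, becomes the payload."""
    return f"{inner.src}>{inner.dst}|".encode() + inner.payload


def decapsulate(payload: bytes) -> Packet:
    hdr, body = payload.split(b"|", 1)
    src, dst = hdr.decode().split(">")
    return Packet(src, dst, None, None, body)


@dataclass
class SA:
    key: bytes
    mode: str                            # "tunnel" or "transport"
    peer_gw: str                         # the other gateway's address
    remote_net: ipaddress.IPv4Network    # hosts behind the peer gateway
    local_net: ipaddress.IPv4Network     # hosts behind this gateway


class Gateway:
    def __init__(self, addr: str) -> None:
        self.addr = addr
        # RFC 1825: an inbound SA is identified by (destination address, SPI)
        self.sad: Dict[Tuple[str, int], SA] = {}

    def add_sa(self, dst: str, spi: int, sa: SA) -> None:
        self.sad[(dst, spi)] = sa

    def protect(self, sa: SA, spi: int, pkt: Packet) -> Packet:
        if sa.mode == "tunnel":
            inner = encapsulate(pkt)
            icv = ah_icv(sa.key, self.addr, sa.peer_gw, spi, inner)
            return Packet(self.addr, sa.peer_gw, spi, icv, inner)
        # transport mode: AH sits behind the end host's own IP header
        icv = ah_icv(sa.key, pkt.src, pkt.dst, spi, pkt.payload)
        return Packet(pkt.src, pkt.dst, spi, icv, pkt.payload)

    def inbound(self, pkt: Packet) -> Tuple[str, Optional[Packet]]:
        sa = self.sad.get((pkt.dst, pkt.spi))
        if sa is None:
            return "drop: no SA for (dst, SPI)", None
        expected = ah_icv(sa.key, pkt.src, pkt.dst, pkt.spi, pkt.payload)
        if pkt.icv is None or not hmac.compare_digest(expected, pkt.icv):
            return "drop: bad ICV", None
        if sa.mode == "tunnel":
            if pkt.src != sa.peer_gw:
                return "drop: outer source is not the peer gateway", None
            clear = decapsulate(pkt.payload)
        else:
            clear = Packet(pkt.src, pkt.dst, None, None, pkt.payload)
        # the authenticated (inner) addresses must match what the SA is for
        if (ipaddress.ip_address(clear.src) not in sa.remote_net
                or ipaddress.ip_address(clear.dst) not in sa.local_net):
            return "drop: addresses outside the SA's policy", None
        return "forward", clear


def demo() -> Dict[str, str]:
    key = b"constructed-demo-key"   # constructed; a real key comes from key management
    net_a = ipaddress.ip_network("10.1.0.0/16")
    net_b = ipaddress.ip_network("10.2.0.0/16")
    gw_a, gw_b = Gateway("192.0.2.1"), Gateway("198.51.100.1")
    host_pkt = Packet("10.1.0.5", "10.2.0.7", None, None, b"hello")
    results: Dict[str, str] = {}

    # Tunnel mode: B needs one SAD entry, keyed on its own address.
    tun_out = SA(key, "tunnel", gw_b.addr, net_b, net_a)
    tun_in = SA(key, "tunnel", gw_a.addr, net_a, net_b)
    gw_b.add_sa(gw_b.addr, 0x100, tun_in)
    results["tunnel"] = gw_b.inbound(gw_a.protect(tun_out, 0x100, host_pkt))[0]

    # Transport mode between gateways: the protected packet is addressed to the
    # end host, so (dst, SPI) on B never names B itself.
    tr_out = SA(key, "transport", gw_b.addr, net_b, net_a)
    tr_in = SA(key, "transport", gw_a.addr, net_a, net_b)
    gw_b.add_sa(gw_b.addr, 0x200, tr_in)
    results["transport, SA keyed on gateway"] = gw_b.inbound(
        gw_a.protect(tr_out, 0x200, host_pkt))[0]
    # B accepts it only after an entry exists for that internal host's address.
    gw_b.add_sa("10.2.0.7", 0x200, tr_in)
    results["transport, SA keyed per host"] = gw_b.inbound(
        gw_a.protect(tr_out, 0x200, host_pkt))[0]

    # Tunnel mode also lets B police the authenticated inner header.
    stray = Packet("10.9.9.9", "10.2.0.7", None, None, b"hello")
    results["tunnel, inner source off-policy"] = gw_b.inbound(
        gw_a.protect(tun_out, 0x100, stray))[0]
    return results


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

The transport-mode branch is deliberately not made to "work" by relaxing the lookup: a real firewall would have to decide how to map a packet addressed to an internal host onto an SA shared with the peer gateway, and that decision is exactly the sort of implementation detail the message says vendors should document.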