IETF Logo Mail Archive

Re: [IPsec] Error in RFC6290

Yaron Sheffer <yaronf.ietf@gmail.com> Wed, 26 December 2012 17:16 UTC

Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BFD2221F8C78 for <ipsec@ietfa.amsl.com>; Wed, 26 Dec 2012 09:16:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.549
X-Spam-Level:
X-Spam-Status: No, score=-103.549 tagged_above=-999 required=5 tests=[AWL=0.050, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l4l7IX3bG7ri for <ipsec@ietfa.amsl.com>; Wed, 26 Dec 2012 09:16:05 -0800 (PST)
Received: from mail-ee0-f45.google.com (mail-ee0-f45.google.com [74.125.83.45]) by ietfa.amsl.com (Postfix) with ESMTP id 67F3221F89F8 for <ipsec@ietf.org>; Wed, 26 Dec 2012 09:16:05 -0800 (PST)
Received: by mail-ee0-f45.google.com with SMTP id d49so4277342eek.18 for <ipsec@ietf.org>; Wed, 26 Dec 2012 09:16:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:message-id:date:from:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=AUkPU7bbCwGejYgsFhHNNypgz4hyVLd/409FUMelNPk=; b=oUy9iCeU5LfX0hO1fIYirvwfu1PccU6NCmTrvaudsWQCZ4UucvmVZ6NYu5/v3FI9Mm ZK2Z4+Pb0DauKdOalMgA8pGoRbOj/J8J0akGpjf2iYeWEz7IWUraYQASqrCa68K12BrN aKzHaPJeEq7ojhXMHqQiVXSiM1LjNh1uess90GFSVN3plASeAvonaLcjpDcoJSVJYHeu MKHXJU7Sa9W8iNCxV0P87Wg3Uiv+mhdTZGA9vbg7tfuh4fJ1mBfFibcwILnnERC22TSM T7HbOTQOgJpiheUHm8Taj7ossFkmcgqUrBSQH8sDUso5A/qhC8apemL34+YIWQEQAGYP TCVQ==
X-Received: by 10.14.223.135 with SMTP id v7mr71461037eep.41.1356542164428; Wed, 26 Dec 2012 09:16:04 -0800 (PST)
Received: from [10.0.0.13] (85-250-110-45.bb.netvision.net.il. [85.250.110.45]) by mx.google.com with ESMTPS id 6sm54426745eea.3.2012.12.26.09.16.01 (version=SSLv3 cipher=OTHER); Wed, 26 Dec 2012 09:16:03 -0800 (PST)
Message-ID: <50DB30CF.7010604@gmail.com>
Date: Wed, 26 Dec 2012 19:15:59 +0200
From: Yaron Sheffer <yaronf.ietf@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/17.0 Thunderbird/17.0
MIME-Version: 1.0
To: Yoav Nir <ynir@checkpoint.com>
References: <20121203223404.5441.71025.idtracker@ietfa.amsl.com> <E7FA5DBC7DB747779E6E6D73460A6615@buildpc> <4613980CFC78314ABFD7F85CC30277210EDFD9D0@IL-EX10.ad.checkpoint.com> <B1F8AE12E3604526980FA756C8F2DB09@buildpc> <DF562289B5D540F095DA9CD3B21AB3D0@buildpc> <4613980CFC78314ABFD7F85CC30277210EE0910F@IL-EX10.ad.checkpoint.com>
In-Reply-To: <4613980CFC78314ABFD7F85CC30277210EE0910F@IL-EX10.ad.checkpoint.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: "ipsec@ietf.org" <ipsec@ietf.org>, Valery Smyslov <svanru@gmail.com>
Subject: Re: [IPsec] Error in RFC6290
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Dec 2012 17:16:06 -0000

Hi Yoav, Valery,

Valery is right that the IKE_SESSION_RESUME exchange does not have a 
protected payload.

But his new text is incorrect, since the (session resumption) ticket is 
sent in IKE_SESSION_RESUME and not in the immediately following IKE_AUTH 
(he might have got it mixed with the ticket sent when *requesting* a 
ticket). So I guess we should just replace "within the protected payload 
of the IKE_SESSION_RESUME exchange" by "within the  IKE_SESSION_RESUME 
exchange".

According to http://en.wikipedia.org/wiki/Christmas#Listing, it's still 
more than a week until the Eastern Churches' Christmas. So Merry 
Christmas to some of us, and a Happy New Year to all.

Thanks,
	Yaron


On 12/26/2012 10:42 AM, Yoav Nir wrote:
> Hi
>
> I agree with point #2. I'll leave it to some of the session resumption experts to comment on point #1.
>
> It's a little late for "Merry Christmas", so just happy new year.
>
> Yoav
>
> -----Original Message-----
> From: ipsec-bounces@ietf.org [mailto:ipsec-bounces@ietf.org] On Behalf Of Valery Smyslov
> Sent: Wednesday, December 26, 2012 8:11 AM
> To: ipsec@ietf.org
> Subject: [IPsec] Error in RFC6290
>
> Hi,
>
> RFC6290 (Quick Crash Detection) contains an error. In Section 4.3 it states:
>
>     For session resumption, as specified in [RFC5723], the situation is
>     similar.  The responder, which is necessarily the peer that has
>     crashed, SHOULD send a new ticket within the protected payload of the
>     IKE_SESSION_RESUME exchange.  If the Initiator is also a token maker,
>     it needs to send a QCD_TOKEN in a separate INFORMATIONAL exchange.
>
> But IKE_SESSION_RESUME exchange, as specified in RFC5723, doesn't contain any protected payload - it is completely in clear and must be followed by IKE_AUTH exchange. I suspect this error came from early versions of IKE SA Resumption protocol that, as far as I remember, did contain protected payload. But currently this para should look like:
>
>     For session resumption, as specified in [RFC5723], the situation is
>     similar.  The responder, which is necessarily the peer that has
>     crashed, SHOULD send a new ticket in IKE_AUTH exchange
>     that immediately followed IKE_SESSION_RESUME exchange.
>     If the Initiator is also a token maker, it needs to send a QCD_TOKEN in
>     the same IKE_AUTH exchange.
>
>
>
> And one more consideration. In Section 4.1 RFC6290 states:
>
>     o  Protocol ID (1 octet) MUST be 1, as this message is related to an
>        IKE SA.
>
>     o  SPI Size (1 octet) MUST be zero, in conformance with Section 3.10
>        of [RFC5996].
>
> I think here we have contradiction with RFC5996 (despite clamed conformance with it). In abovementioned Section 3.10 it is written:
>
>     o  Protocol ID (1 octet) - If this notification concerns an existing
>        SA whose SPI is given in the SPI field, this field indicates the
>        type of that SA.  For notifications concerning Child SAs, this
>        field MUST contain either (2) to indicate AH or (3) to indicate
>        ESP.  Of the notifications defined in this document, the SPI is
>        included only with INVALID_SELECTORS and REKEY_SA.  If the SPI
>        field is empty, this field MUST be sent as zero and MUST be
>        ignored on receipt.
>
> Let me emphasize that RFC5996 clearly requires that If the SPI field is empty, Protocol ID field MUST be sent as zero and MUST be ignored on receipt, but RFC6290 while requiring SPI field to be empty, requres Protocol ID field to be non-zero. Actually, I see no value in this requirement, as Protocol ID MUST be ignored on receipt anyway (if SPI field is empty), so it just complicates protocol and makes it cumbersome.
>
> Merry Christmas,
> Valery Smyslov.
>
> _______________________________________________
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec
>
> Email secured by Check Point
> _______________________________________________
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec
>

v2.19.0 | Report a Bug | By Email