Re: Crypto algorithms for IKEv2

"Andrew Krywaniuk" <askrywan@hotmail.com> Wed, 30 April 2003 02:49 UTC

From: Andrew Krywaniuk <askrywan@hotmail.com>
To: paul.hoffman@vpnc.org, ipsec@lists.tislabs.com
Subject: Re: Crypto algorithms for IKEv2
Date: Tue, 29 Apr 2003 12:35:02 -0400
Message-ID: <Law8-F28pPWywCP6K8C00013517@hotmail.com>

In regards to draft-hoffman-ipsec-algorithms-00-TEMP.txt, I notice that the 
UI ciphersuites make no mention of PFS. Are we assuming that this is an 
implementer decision?

Come to think of it, I don't think we ever resolved the issue of what to do 
when the initiator of a CREATE_CHILD_SA exchange doesn't propose PFS but the 
responder requires it. This could be accomplished with a 
NOTIFY_PFS_REQUIRED_ALWAYS or NOTIFY_PFS_REQUIRED_NEXT_SA message.

Not that we could really change it now, but did anyone consider the idea of 
achieving PFS simply by applying a one-way hash to SKEYSEED_D, either 
periodically or after every CREATE_CHILD_SA exchange? Sure, there are race 
conditions, but I think they are easily fixed.

Andrew
--------------------------------------
The odd thing about fairness is when
we strive so hard to be equitable
that we forget to be correct.
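
Added example, not part of the original message and not taken from any IKEv2 draft: a sketch of the hash-ratchet idea raised above, in which SKEYSEED_D is replaced by a one-way hash of itself after every CREATE_CHILD_SA exchange. HMAC-SHA256 as the PRF, the `DerivationState` class, the `b"ratchet"` label and all sample values are assumptions made for illustration. It shows that a later disclosure of the stored value does not reproduce earlier child keys, while it does predict the next one, which a fresh Diffie-Hellman exchange per child SA would prevent.

```python
import hashlib
import hmac

def prf(key: bytes, data: bytes) -> bytes:
    # Assumed PRF: HMAC-SHA256 (the message does not name one).
    return hmac.new(key, data, hashlib.sha256).digest()

def ratchet(skeyseed_d: bytes) -> bytes:
    # One-way step: the next SKEYSEED_D is a hash of the current one.
    return hashlib.sha256(b"ratchet" + skeyseed_d).digest()

class DerivationState:
    """Hypothetical per-IKE-SA state that holds only the current SKEYSEED_D."""
    def __init__(self, skeyseed_d: bytes):
        self._d = skeyseed_d
        self.generation = 0  # how many times the value has been ratcheted

    def create_child_sa(self, ni: bytes, nr: bytes) -> bytes:
        # Derive child keying material from the current value and both nonces,
        # then advance and overwrite the old value so it is no longer stored.
        keymat = prf(self._d, ni + nr)
        self._d = ratchet(self._d)
        self.generation += 1
        return keymat

    def snapshot(self) -> bytes:
        # What a disclosure of this peer's stored state would reveal right now.
        return self._d

def demo():
    # Constructed sample values, not taken from any real exchange.
    initiator = DerivationState(b"\x11" * 32)
    responder = DerivationState(b"\x11" * 32)
    nonces = [(bytes([i]) * 16, bytes([i + 100]) * 16) for i in range(3)]
    keys_i = [initiator.create_child_sa(a, b) for a, b in nonces]
    keys_r = [responder.create_child_sa(a, b) for a, b in nonces]
    leaked = initiator.snapshot()  # stored value after three exchanges
    # Nonces are sent in the clear, so the leaked value plus the next nonces
    # is enough to compute the next child key.
    ni, nr = b"\x09" * 16, b"\x6d" * 16
    next_key = initiator.create_child_sa(ni, nr)
    predicted = prf(leaked, ni + nr)
    # Earlier keys were derived under values the leaked state no longer contains.
    replayed = [prf(leaked, a + b) for a, b in nonces]
    return keys_i == keys_r, predicted == next_key, any(k in keys_i for k in replayed)
```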



