Re: [IPsec] Rekeying of child sa, Question on TS handling according to RFC 5996
Pål Dammvik <pal.dammvik@ericsson.com> Thu, 21 August 2014 13:53 UTC
Return-Path: <pal.dammvik@ericsson.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EC84D1A02E4 for <ipsec@ietfa.amsl.com>; Thu, 21 Aug 2014 06:53:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.901
X-Spam-Level:
X-Spam-Status: No, score=-3.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9R0sQ-_2MVkq for <ipsec@ietfa.amsl.com>; Thu, 21 Aug 2014 06:53:14 -0700 (PDT)
Received: from sessmg23.ericsson.net (sessmg23.ericsson.net [193.180.251.45]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9DEEE1A02D8 for <ipsec@ietf.org>; Thu, 21 Aug 2014 06:53:13 -0700 (PDT)
X-AuditID: c1b4fb2d-f793d6d000005356-b3-53f5f9c7928d
Received: from ESESSHC004.ericsson.se (Unknown_Domain [153.88.253.124]) by sessmg23.ericsson.net (Symantec Mail Security) with SMTP id 1C.A1.21334.7C9F5F35; Thu, 21 Aug 2014 15:53:11 +0200 (CEST)
Received: from ESESSMB309.ericsson.se ([169.254.9.84]) by ESESSHC004.ericsson.se ([153.88.183.30]) with mapi id 14.03.0174.001; Thu, 21 Aug 2014 15:53:11 +0200
From: Pål Dammvik <pal.dammvik@ericsson.com>
To: Tero Kivinen <kivinen@iki.fi>
Thread-Topic: [IPsec] Rekeying of child sa, Question on TS handling according to RFC 5996
Thread-Index: AQHPvTNVx7QAOH2/gU2uCwGWL297mpvbE4RA
Date: Thu, 21 Aug 2014 13:53:10 +0000
Message-ID: <F68C660364DABE41AF4617F517EF5484117081DF@ESESSMB309.ericsson.se>
References: <F68C660364DABE41AF4617F517EF548411707BE2@ESESSMB309.ericsson.se> <21493.55390.157248.181030@fireball.kivinen.iki.fi>
In-Reply-To: <21493.55390.157248.181030@fireball.kivinen.iki.fi>
Accept-Language: sv-SE, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [153.88.183.17]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrBLMWRmVeSWpSXmKPExsUyM+Jvje7xn1+DDa70W1vs3/KCzeLo+eds FssXT2Z3YPZYsuQnk8fhrwtZPL5c/swWwBzFZZOSmpNZllqkb5fAlfH5xW3mgt3GFfsOzWFt YFyp2cXIySEhYCJx5lE/K4QtJnHh3nq2LkYuDiGBo4wSlyaeZIVwFjNKnNj0lw2kik3AXmLJ uWfsILaIgKLE7idbmUBsZoEoickzdoNNEhaIlmj+PI0JoiZGYuLvw8wQtpHE1ENfWUBsFgFV iWtnO8HivAK+EpdXzGWEWNbMKNE+8w3YMk4BB4l1Fw6ANTAKyErc/36PBWKZuMStJ/OZIM4W kFiy5zwzhC0q8fLxP6AjOIBsRYnl/XIQ5XoSN6ZOYYOwtSWWLXwNtVdQ4uTMJywTGMVmIZk6 C0nLLCQts5C0LGBkWcUoWpxaXJybbmSsl1qUmVxcnJ+nl5dasokRGFUHt/zW3cG4+rXjIUYB DkYlHt4HK78EC7EmlhVX5h5ilOZgURLnXXRuXrCQQHpiSWp2ampBalF8UWlOavEhRiYOTqkG ximVEjNtzffm7j3Wzda21krnn5rr1+Z1vYfSjT+q7tqqs0ha493n97JfCna1yvqHn5kpWmnp 3uZp9/BF/p9nUhbRqtO+zO/YZ8VYL1dRNZ3/RPQxdxHmwD8hLl0PKi9KbdbT/vVRc+drO7vN b18/+/zlek/kdY2/+1bqP3sq2jzvfo/SgS1mb5RYijMSDbWYi4oTASiKZEyLAgAA
Archived-At: http://mailarchive.ietf.org/arch/msg/ipsec/ZSMMoODFdNuMZIv0YMC_0lW881A
Cc: "ipsec@ietf.org" <ipsec@ietf.org>, "sec-ads@tools.ietf.org" <sec-ads@tools.ietf.org>
Subject: Re: [IPsec] Rekeying of child sa, Question on TS handling according to RFC 5996
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Aug 2014 13:53:17 -0000
Hi Tero, Thank's a lot for this clarification. I really think that the proposed text for section 2.9.2 clarifies this in a good way and would appreciate if that was inserted into the next revision. Regards Pål -----Original Message----- From: Tero Kivinen [mailto:kivinen@iki.fi] Sent: den 21 augusti 2014 13:31 To: Pål Dammvik Cc: ipsec@ietf.org; sec-ads@tools.ietf.org Subject: [IPsec] Rekeying of child sa, Question on TS handling according to RFC 5996 Pål Dammvik writes: > One of the differences between RFC 5996 and 4306 is in the rekeying > where it's stated in RFC 5996 section 2.8: > > "Note that, when rekeying, the new Child SA SHOULD NOT have > different Traffic Selectors and algorithms than the old one." > > Additionally in section 1.3.3 (that also addresses rekeying) of the > same RFC, it's stated: > > "The Traffic Selectors for traffic to be sent on that SA are > specified in the TS payloads in the response, which may be a subset > of what the initiator of the Child SA proposed." > > I think these sentences leaves some room for interpretation what the > create child sa request message can contain in the rekeying > scenario. > > When a node initiates rekeying of a child sa using the create child > sa message exchange, which traffic selectors is it allowed to > include in the create child sa request? Does it have to be identical > to the negotiated traffic selector from the old child sa (i.e. the > traffic selector received in the original create child sa response > for the sa) or can it for example be the same traffic selectors as > originally proposed in the create child sa request for the old child > sa..? > > There is a strange sentence related to this topic in section 1.7 " > Significant Differences between RFC 4306 and This document" related > to this topic: > > "The new Section 2.9.2 covers Traffic Selectors in rekeying." > > but there does not seem to be a chapter 2.9.2 in the document ?! > > Is this an editorial mistake or something missing? Yes. This is editorial mistake done in 2009... There was original ticket #12 (2008-09-22). http://trac.tools.ietf.org/wg/ipsecme/trac/ticket/12?version=1#L1 which said that we should mention traffic selectors in rekeying. Then we had discussion on the mailing list between 2009-04-01 and 2009-04-08. http://www.ietf.org/mail-archive/web/ipsec/current/msg04112.html http://www.ietf.org/mail-archive/web/ipsec/current/msg04117.html http://www.ietf.org/mail-archive/web/ipsec/current/msg04129.html http://www.ietf.org/mail-archive/web/ipsec/current/msg04133.html http://www.ietf.org/mail-archive/web/ipsec/current/msg04134.html http://www.ietf.org/mail-archive/web/ipsec/current/msg04138.html Then the ticket was closed at 2009-04-20 with status of fixed and with status saying: Added section 2.9.2 on traffic selectors in rekeying. Also added a reference to the new section in 2.8. Then the ticket was reopened at 2009-04-24 and ticket was updated to include new text for the section 2.9.2: http://trac.tools.ietf.org/wg/ipsecme/trac/ticket/12 ---------------------------------------------------------------------- 2.9.2 Traffic Selectors in Rekeying Rekeying is used to replace an existing Child SA with another. If the new SA were allowed to have a narrower set of selectors than the original, traffic that was allowed on the old SA would be dropped in the new SA, thus violating the idea of "replacing". Thus, the new SA MUST NOT have narrower selectors than the original. If the rekeyed SA would ever need to have narrower scope than currently used SA, that would mean that the policy was changed in a way that the currently used SAs are against the policy. In that case, the SA should have been already deleted after the policy change took effect. When the initiator attemepts to rekey the Child SA, the proposed traffic selectors SHOULD be either the same as, or a superset of, the traffic selectors used in the old Child SA. That is, they would be the same as, or a superset of, the currently active (decorrelated) policy. The responder MUST NOT narrow down the traffic selectors narrower than the scope currently in use. Because a rekeyed SA can never have narrower scope than the one currently in use, there is no need for the selectors from the packet, so those selectors SHOULD NOT be sent. ---------------------------------------------------------------------- Then 2009-08-10 the ticket was again closed with comment: Fixed in -05: In 2.8, changed "Note that, when rekeying, the new Child SA MAY have different traffic selectors and algorithms than the old one." to "Note that, when rekeying, the new Child SA SHOULD NOT have different traffic selectors and algorithms than the old one.". In -05 version of the draft this changes was really done, but the section 2.9.2 was not added. In the -07 version the change log was modified to say that the section 2.9.2 was added, but it still wasn't added. And nobody noticed this until now... The RFC editor just asked this when going through the rfc5996bis document, i.e. they asked what this 2.9.2 should be as it is referenced, but not included in the document. Does the missing section 2.9.2 quoted above answer your question? This is also question what should we do for the rfc5996bis. We have two options, we removed the text saying section 2.9.2 was added in the RFC5996, or we add the section 2.9.2 from the ticket #12, and add note that saying that this time we really added it... What does the working group feel we should do? Note, that if we add the 2.9.2 that might cause delays, as I am not sure if we can do that kind of change after IESG has already approved the rfc5996bis (it is now in the AUTH48), meaning it might need IESG to recheck that part. On the other hand I think adding the text which we already have approved in 2009 to the specification would be the right thing to do, as there clearly is need for clarification (as we can see from the Dammvik's question). > As the RFC has similar statement for the negotiated algorithms (i.e. > encryption, integrity), the same question pops up there.. I.e. > should it in the create child sa request only include the algorithms > used by the old child sa or can it include all algorithms originally > proposed... -- kivinen@iki.fi
- [IPsec] Rekeying of child sa, Question on TS hand… Pål Dammvik
- [IPsec] Rekeying of child sa, Question on TS hand… Tero Kivinen
- Re: [IPsec] Rekeying of child sa, Question on TS … Valery Smyslov
- Re: [IPsec] Rekeying of child sa, Question on TS … Pål Dammvik
- Re: [IPsec] Rekeying of child sa, Question on TS … Yoav Nir
- Re: [IPsec] Rekeying of child sa, Question on TS … Kathleen Moriarty
- [IPsec] Typos in draft-kivinen-ipsecme-ikev2-rfc5… Valery Smyslov
- [IPsec] Typos in draft-kivinen-ipsecme-ikev2-rfc5… Tero Kivinen
- Re: [IPsec] Typos in draft-kivinen-ipsecme-ikev2-… Valery Smyslov
- Re: [IPsec] Typos in draft-kivinen-ipsecme-ikev2-… Valery Smyslov
- Re: [IPsec] Typos in draft-kivinen-ipsecme-ikev2-… Valery Smyslov
- Re: [IPsec] Typos in draft-kivinen-ipsecme-ikev2-… Paul Wouters
- Re: [IPsec] Typos in draft-kivinen-ipsecme-ikev2-… Valery Smyslov
- Re: [IPsec] Typos in draft-kivinen-ipsecme-ikev2-… Paul Wouters
- [IPsec] More nits in draft-kivinen-ipsecme-ikev2-… Valery Smyslov
- Re: [IPsec] Typos in draft-kivinen-ipsecme-ikev2-… Tero Kivinen
- Re: [IPsec] Typos in draft-kivinen-ipsecme-ikev2-… Tero Kivinen
- [IPsec] More nits in draft-kivinen-ipsecme-ikev2-… Tero Kivinen