Re: [IPsec] New PAKE Criteria draft posted (def. of gateway)

Yaron Sheffer <yaronf.ietf@gmail.com> Sun, 28 March 2010 08:40 UTC

Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 87E423A67DB for <ipsec@core3.amsl.com>; Sun, 28 Mar 2010 01:40:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.106
X-Spam-Level:
X-Spam-Status: No, score=-0.106 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, DNS_FROM_OPENWHOIS=1.13, J_CHICKENPOX_33=0.6, SARE_RECV_BEZEQINT_B=0.763]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1t-9XhV5+Rp2 for <ipsec@core3.amsl.com>; Sun, 28 Mar 2010 01:40:10 -0700 (PDT)
Received: from mail-fx0-f213.google.com (mail-fx0-f213.google.com [209.85.220.213]) by core3.amsl.com (Postfix) with ESMTP id 6A2003A6452 for <ipsec@ietf.org>; Sun, 28 Mar 2010 01:40:10 -0700 (PDT)
Received: by fxm5 with SMTP id 5so3037935fxm.29 for <ipsec@ietf.org>; Sun, 28 Mar 2010 01:40:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:cc:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=oC4w9/6DYetjtdlzOigcoSePdEKm8fH6CF0Jt4KMsu4=; b=EkjkUQlYujjJDGDbQt5u40jbpDM4pe1Q532Jdz7nbYYoLb/zT3slXOdu/JvwvGZjhG 76zcQl0WDtbeIX95NLi8M5XJwvCIhtHhgfabiNKRnnumIAkD4RjYcfSt64RbEcDePl2+ 1DcvRy1qi12lqDPOo0IVVILxlyQ+N6HVtsjv4=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; b=Gy0tZwj9b8RGzHzENzmx5Qrqjjf4gDU7Gma2uUNf8F7XGt3moVKIEwbkNx4iJt75z1 2HKZ95Z06swSHjM/XOIPhbWYXLU7a3dmc9++KRy6uC62O4zKK6XXm2WZHNfaMweT25bM Y3SFrwnnUKgZyNOHPC+4LoDTjumyYFF7ASevc=
Received: by 10.86.221.34 with SMTP id t34mr1834389fgg.36.1269765633279; Sun, 28 Mar 2010 01:40:33 -0700 (PDT)
Received: from [10.20.30.13] ([62.219.129.160]) by mx.google.com with ESMTPS id d4sm4704351fga.5.2010.03.28.01.40.31 (version=SSLv3 cipher=RC4-MD5); Sun, 28 Mar 2010 01:40:32 -0700 (PDT)
Message-ID: <4BAF1610.8050004@gmail.com>
Date: Sun, 28 Mar 2010 11:40:48 +0300
From: Yaron Sheffer <yaronf.ietf@gmail.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.8) Gecko/20100227 Thunderbird/3.0.3
MIME-Version: 1.0
To: Kaz Kobara <kobara_conf@m.aist.go.jp>
References: <015701cacc74$9b0f3c20$d12db460$@aist.go.jp> <4BAC4283.9010002@gmail.com> <018001cacd04$d59efc50$80dcf4f0$@aist.go.jp> <4BAE10BC.7090401@gmail.com> <001001cacdd7$557f0190$007d04b0$@aist.go.jp> <3b12564381bb3d1b9eea9b3276a68487.squirrel@www.trepanning.net> <001801cace41$98e87e10$cab97a30$@aist.go.jp>
In-Reply-To: <001801cace41$98e87e10$cab97a30$@aist.go.jp>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: ipsec@ietf.org
Subject: Re: [IPsec] New PAKE Criteria draft posted (def. of gateway)
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Mar 2010 08:40:11 -0000

Hi Kaz,

Most of the WG members are aware of the whole picture:

- The standard is clear that PSK must not be used with passwords.
- The standard contains a good solution for the client-gateway case, 
which is already widely implemented, namely EAP. EAP is implemented by 
many AAA servers, is available on endpoints and simple to integrate into 
gateways, and is therefore the best way to set up a remote access 
solution if you have more than, say, 5 users.
- Having two ways to do the same thing (e.g. IKE+EAP with a mutual auth 
method, and IKEv2 with the new proposed mode) is bad for 
interoperability and ultimately, for the success of the standard.

Thanks,
	Yaron

On 28.3.2010 9:40, Kaz Kobara wrote:
>>    So is there a reason you don't want to fix this "between clients
>> and gateways"?
>
> (As most of this WG members have already noticed)
> PSK in IKE is foolish in the sense that it is vulnerable against off-line
> dictionary attack while using heavy DH calculation.
>
> There is no reason not to fix this foolish PSK (regardless of "between
> gateways" and "between clients and gateways".)
>
> Kaz
>
>
> _______________________________________________
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec