IETF Logo Mail Archive

Re: [IPsec] WG Last Call on "The NULL Authentication Method in IKEv2 Protocol" draft-smyslov-ipsecme-ikev2-null-auth (fwd)

Paul Wouters <paul@nohats.ca> Tue, 20 January 2015 15:19 UTC

Return-Path: <paul@nohats.ca>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ACD851B2DC2 for <ipsec@ietfa.amsl.com>; Tue, 20 Jan 2015 07:19:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.01
X-Spam-Level:
X-Spam-Status: No, score=-2.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0aabtuXP4I_1 for <ipsec@ietfa.amsl.com>; Tue, 20 Jan 2015 07:19:44 -0800 (PST)
Received: from mx.nohats.ca (mx.nohats.ca [193.110.157.68]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2A8891B2DB7 for <ipsec@ietf.org>; Tue, 20 Jan 2015 07:19:44 -0800 (PST)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3kRYSV1d3CzCKy; Tue, 20 Jan 2015 16:19:38 +0100 (CET)
Authentication-Results: mx.nohats.ca; dkim=pass reason="1024-bit key; unprotected key" header.d=nohats.ca header.i=@nohats.ca header.b=cy450Xox; dkim-adsp=pass
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id J309ccSL1JZI; Tue, 20 Jan 2015 16:19:37 +0100 (CET)
Received: from bofh.nohats.ca (206-248-139-105.dsl.teksavvy.com [206.248.139.105]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Tue, 20 Jan 2015 16:19:37 +0100 (CET)
Received: from bofh.nohats.ca (bofh.nohats.ca [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id 44D178004F; Tue, 20 Jan 2015 10:19:36 -0500 (EST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1421767176; bh=Kg6UeaIPqMbWU1Je0tLl7XETTJn3bWDv/XT84iYeNOA=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=cy450XoxXTZV9A0rVUxccCk8h+lr70t2aCKC1GSwI9uSrX7NJ5IeFXbckhumExt+Q QDn+snkT61UasoF+v2LXOCRobZYbVTpQGF1UBgN4wjyb9cU06L1IIGGXo4rHAVoMrG imRQFDOPPeCuNcX9Gvx8WiVJCbWZ2kYaXuhC9WvQ=
Received: from localhost (paul@localhost) by bofh.nohats.ca (8.14.7/8.14.7/Submit) with ESMTP id t0KFJZZX031003; Tue, 20 Jan 2015 10:19:35 -0500
X-Authentication-Warning: bofh.nohats.ca: paul owned process doing -bs
Date: Tue, 20 Jan 2015 10:19:35 -0500
From: Paul Wouters <paul@nohats.ca>
To: Tero Kivinen <kivinen@iki.fi>
In-Reply-To: <21694.26453.977101.952972@fireball.kivinen.iki.fi>
Message-ID: <alpine.LFD.2.10.1501201009460.16777@bofh.nohats.ca>
References: <alpine.LFD.2.10.1501131139150.13941@bofh.nohats.ca> <038B7179C6EB4C5BB2A110AD37541204@buildpc> <21694.26453.977101.952972@fireball.kivinen.iki.fi>
User-Agent: Alpine 2.10 (LFD 1266 2009-07-14)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"; format="flowed"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipsec/aORZAI0K_zVK1N0GLdOFqAr7518>
Cc: IPsecME WG <ipsec@ietf.org>, Valery Smyslov <svanru@gmail.com>
Subject: Re: [IPsec] WG Last Call on "The NULL Authentication Method in IKEv2 Protocol" draft-smyslov-ipsecme-ikev2-null-auth (fwd)
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Jan 2015 15:19:48 -0000

On Tue, 20 Jan 2015, Tero Kivinen wrote:

>>> Traffic Selectors
> ...
>>> And opens up the reverse attack of the server stealing the
>>> client's 8.8.8.8 traffic. Some more discussion and insights on this
>>> would be useful.
>
> Actually I think I am missing something. How can server steal clients
> 8.8.8.8 traffic? Even if it assigns client 8.8.8.7 IP address, that
> does not mean 8.8.8.8 is sent to the server. Server can assign 8.8.8.8
> for the client, which means that 8.8.8.8 traffic from the client does
> not go anywhere (i.e. it is routed to localhost, because client think
> it is his own IP), but that does not allow stealing traffic.

You are right. I was thinking of 8.8.8.8 <-> 0.0.0.0/0 but you don't do
that. I guess you would just use the equivalent of:

 	ip route add serverip src 8.8.8.8

> Also client can easily limit that address assigned to it via
> configuration payload must be from the private address range, as there
> is no reason for server to assign client real routable IP-address in
> unauthenticated user case. But again this is policy decision which
> implementations need to do.

Sure. and this discussion is suitable for the opportunistic document,
not auth_null. We should only put in a short summary here.

>> I think it is a server's policy issue. It can always restrict
>> the number of IPsec SAs from a single peer
>> by using NO_ADDITIONAL_SAS notification.
>> The document should not impose any restrictions here, IMHO.
>
> Agree. Implementations might also have different limits depending
> whether the other end is authenticated or unauthenticated, i.e.
> unauthenticated clients might only be able to create for example 10
> Child SAs, and authenticated clients can create 1000 Child SAs... And
> btw child SAs are quite cheap, so the limit does not need to be 1 and
> 3... :)

But what's the point? Just to protect th per-port IPsec SA's with
more PFS in CREATE_CHILD_SA ?

It will only cause interop failures. The client will not pick a
host-to-host but picks say port 80 only. Then it wants port 443 and
gets NO_ADDITIONAL_SAS. Then it needs to drop the port 80 SA and
restart everything to get the full range single SA.

If you are not authenticated, what is the point in splitting up the
traffic in different IPsec SA's per protocol or port?

The only use case I have heard of that could apply, is the use case
of being mandated to NOT encrypt something for auditing purposes. But
traffic selectors really suck for "everything but sip and smtp and pop
and imap" :P

We need less buttons and possibly interop issues, not more. So Instead
of trying to allow as much of IKEv2 features as you can dream of, lets
stick to those bells and whistles that make sense in the unauthenticated
scenario.

Paul

v2.23.0 | Report a Bug | By Email