Re: [IPsec] [saag] IETF 114 IPsecME report
Tero Kivinen <kivinen@iki.fi> Sun, 29 January 2023 18:27 UTC
Return-Path: <kivinen@iki.fi>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F0C07C151555 for <ipsec@ietfa.amsl.com>; Sun, 29 Jan 2023 10:27:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.8
X-Spam-Level:
X-Spam-Status: No, score=-2.8 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=iki.fi
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lC3d6CE4qJvx for <ipsec@ietfa.amsl.com>; Sun, 29 Jan 2023 10:27:53 -0800 (PST)
Received: from meesny.iki.fi (meesny.iki.fi [IPv6:2001:67c:2b0:1c1::201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AB95DC14CF1D for <ipsec@ietf.org>; Sun, 29 Jan 2023 10:27:52 -0800 (PST)
Received: from fireball.acr.fi (fireball.acr.fi [83.145.195.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: kivinen@iki.fi) by meesny.iki.fi (Postfix) with ESMTPSA id 47A0320174; Sun, 29 Jan 2023 20:27:48 +0200 (EET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iki.fi; s=meesny; t=1675016868; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=AvQnwoTQ1nJDqFq/enC1PF4Nk9I6Ir5qri6MGRI9ptA=; b=Hh6PWrEGZbIa1hZZBjyu7SRqZJeeMdp300aIMcHK2xSs7nyoTbBgluX6/6nkY+nhLzgeRR 5dM9YcQkVggAvIJJ7sBVUJH70RBWFmoeZUVCXh4uO1JwrWSbRu9wbQSL/RLzj0KqBRcawB 8OljDzAzIKAdH5maNvtomREBd18M3p0=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=iki.fi; s=meesny; t=1675016868; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=AvQnwoTQ1nJDqFq/enC1PF4Nk9I6Ir5qri6MGRI9ptA=; b=A1g49yonmxpIx35U6alkhcqBJG6ljaJBnayWbVamABp5TqmUMonXY+kao3XVFS//yVktfO 6vOOgZAGENx6TnbncyHXN0pLNVespTJeV1ef7lMig3xXmXEis+fvZ7G93iKVal9wwEz5uv Ao+c/i5QlGegw27enk+LFML8o3u7bz0=
ARC-Authentication-Results: i=1; ORIGINATING; auth=pass smtp.auth=kivinen@iki.fi smtp.mailfrom=kivinen@iki.fi
ARC-Seal: i=1; s=meesny; d=iki.fi; t=1675016868; a=rsa-sha256; cv=none; b=xwy5hGzORUPH99HeKRyUsEc/Kyud4baOx8nP9ZLkjLMrTufDI0VlDMz1+32WZwvjvmnu2j Xx/N6qPBJ6ikc5R8eGTRJ1FwkwpFGlJ5vnE0ylWv6Z6RK9EOV940nzbwoDYcT/tk1Rgkec 3nyiVi+PA4XiOTjB3ZfX5n62F5Nio8A=
Received: by fireball.acr.fi (Postfix, from userid 15204) id AB77625C1300; Sun, 29 Jan 2023 20:27:47 +0200 (EET)
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Message-ID: <25558.47779.655532.512440@fireball.acr.fi>
Date: Sun, 29 Jan 2023 20:27:47 +0200
From: Tero Kivinen <kivinen@iki.fi>
To: Paul Wouters <paul.wouters@aiven.io>, ipsec@ietf.org
Cc: Yoav Nir <ynir.ietf@gmail.com>, Roman Danyliw <rdd@cert.org>
In-Reply-To: <CAGL5yWbpx2K3X7FpMVASUeTzQZ2A=tKDw9s5UBqWUKbGnTgxiw@mail.gmail.com>
References: <25311.20490.971667.883557@fireball.acr.fi> <CAGL5yWbWUvqPPsC3e-rqEc5i00WWXAhe=_SurmiWDNzfF54rRg@mail.gmail.com> <CAGL5yWbpx2K3X7FpMVASUeTzQZ2A=tKDw9s5UBqWUKbGnTgxiw@mail.gmail.com>
X-Mailer: VM 8.2.0b under 26.3 (x86_64--netbsd)
X-Edit-Time: 42 min
X-Total-Time: 67 min
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/b7h9Ix91Y3KFaXn9zIel0L79Kac>
Subject: Re: [IPsec] [saag] IETF 114 IPsecME report
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 29 Jan 2023 18:27:56 -0000
Paul Wouters writes: > On Fri, Sep 23, 2022 at 1:15 PM Paul Wouters <paul.wouters@aiven.io> wrote: > > On Mon, Jul 25, 2022 at 10:24 PM Tero Kivinen <kivinen@iki.fi> wrote: > > Labeled IPsec is ready for publication and > will be submitted to the IESG immediately after this IETF. > > This has still not happened. The Shepherd's write up looks done, so it > would be nice if you can push this to Roman. > > I said that 4 months ago :( > > Tero, please grab a coke zero and spend an hour to push this forward. Let's > not wait yet another IETF please. Sorry no coke zeros here, I only drink Pepsi-max at home :-) Anyways checking the document now, and first of question I have why it is standard track not experimental. The shepherd writeup says: As it is adding a Traffic Selector type, and updates the core IKEv2 specification in RFC 7296, the document is Standards Track. but even if it adds new traffic selector type, I do not really see any reason for it to be standard track it could be experimental. Also I am not sure it even updates RFC7296. It adds new traffic selector type, and adds new rules how that must be narrowed, but it does not affect any old implementations. Old implementations do not need to be changed because of this draft if they do not want to support this. Actually now when I am reading it I can see it provides all kind of incorrect updates to the RFC7296, that will BREAK old implementations. For example the section 1.2 A Traffic Selector payload (TS) is a set of one or more Traffic Selectors of the same or different TS_TYPEs, but MUST include at least one TS_TYPE of TS_IPV4_ADDR_RANGE or TS_IPV6_ADDR_RANGE. and section 1.3 The negotiation of Traffic Selectors is specified in Section 2.9 of [RFC7296] and states that the TSi/TSr payloads MUST contain at least one Traffic Selector type. This document updates the text to mean that the TSi/TSr payloads MUST contain at least one Traffic Selector of type TS_IPV4_ADDR_RANGE or TS_IPV6_ADDR_RANGE, as other Traffic Selector types can be defined that are complimentary to these Traffic Selector Types and cannot be selected on their own without TS_IPV4_ADDR_RANGE or TS_IPV6_ADDR_RANGE. are wrong. The RFC 7296 says: Each TS payload contains one or more Traffic Selectors. Each Traffic Selector consists of an address range (IPv4 or IPv6), a port range, and an IP protocol ID. There is no mandatory text there, this is all just explaining what traffic selectors are. Implicitly there will be one traffic selector as the selectors are taken from the policy, and if we matched some policy then there must be something that we will fill in the Traffic Selectors, but even that is not required by RFC7296. The requirement that each "TSi/TSr payloads MUST contain at least one Traffic Selector of type TS_IPV4_ADDR_RANGE or TS_IPV6_ADDR_RANGE" is incorrect, and cannot be added to RFC7296 directly or in here. There is for example TS_FC_ADDR_RANGE, and it is completely valid to only include TS_FC_ADDR_RANGE types and no TS_IPV4_ADDR_RANGE or TS_IPV6_ADDR_RANGE selectors. The RFC4595 defines this TS_FC_ADDR_RANGE and it contains 24-bit addresses for Fibre Channel communications, and other fields which I assume can be narrowed using regular rules specified in the RFC7296 (as RFC4594 does not specify its own narrowing rules). Only the TS_SECLABEL selector defined in this document is "complimentary to these Traffic Selector Types and cannot be selected on their own without TS_IPV4_ADDR_RANGE or TS_IPV6_ADDR_RANGE." There can be other traffic selectors defined in the future which do not require TS_IPV4_ADDR_RANGE or TS_IPV6_ADDR_RANGE types at all, thus that kind of limitation cannot be done here. For example the IEEE Std 802.15.9 negotiating keys for the IEEE Std 802.15.4 does not use TS_IPV4_ADDR_RANGE or TS_IPV6_ADDR_RANGE at all, as there is no IP-addresses there. Currently it does not define its own TS_TYPEs, it simply says we use Childless Initiation of IKEv2, thus there will not be TS payloads, and it will derive pairwise key between the two devices using SK_d and nonces. In the future there might be need to actually specify addresses also, and then they would need to come in IETF and specify new TS_TYPE to be used there. This document should simply say that TS_SECLABEL MUST NOT be used alone. This document must not try to do incompatible change to the base RFC7296 which would make conforming implemntations non-conforming. So I do not think this document should update RFC7296 at all, so most of the section 3 is wrong. The first bullet in section 3 is wrong, and second is already allowed by RFC7296, there nothing that says there cannot be one more more other TS_TYPES, thus it is not needed. Section 3 should most likely say something like this: The TS_SECLABEL cannot be used alone as it does not specify traffic selectors completly, it is just complimentary to other traffic selectors. Because of this there MUST be some other TS_TYPEs in addition to TS_SECLABEL in the Traffic Selector Payload when it is used in negotiation. If the TSi Payload contains a traffic selector for TS_TYPE of TS_SECLABEL, a responder MUST create each TS response for other TS_TYPEs than TS_SECLABEL, using normal rules specifed for each TS_TYPE (narrowing them following the rules specified for that TS_TYPE), and then add exactly one for the TS_TYPE of TS_SECLABEL. If this is not possible, it MUST return a TS_UNACCEPTABLE Error Notify payload. If a TS_SECLABLE is deemed optional, the initiator SHOULD first try to negotiate the Child SA with the TS payload including the optional TS_SECLABEL. Upon receiving TS_UNACCEPTABLE, it SHOULD attempt a new Child SA negotiation using the same TS but without the optional TS_SECLABEL. -- kivinen@iki.fi
- Re: [IPsec] [saag] IETF 114 IPsecME report Tero Kivinen
- Re: [IPsec] [saag] IETF 114 IPsecME report Valery Smyslov
- Re: [IPsec] [saag] IETF 114 IPsecME report Paul Wouters
- Re: [IPsec] [saag] IETF 114 IPsecME report Valery Smyslov
- Re: [IPsec] [saag] IETF 114 IPsecME report Tero Kivinen
- Re: [IPsec] [saag] IETF 114 IPsecME report Paul Wouters