Re: [IPsec] Martin Duke's No Objection on draft-ietf-ipsecme-ikev2-intermediate-09: (with COMMENT)
Valery Smyslov <svan@elvis.ru> Wed, 02 March 2022 21:26 UTC
Return-Path: <svan@elvis.ru>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C4E133A0822; Wed, 2 Mar 2022 13:26:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZFUA5U5CcOGx; Wed, 2 Mar 2022 13:26:46 -0800 (PST)
Received: from dpmail.elvis.ru (dpmail.elvis.ru [93.188.44.211]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 178E93A07F7; Wed, 2 Mar 2022 13:26:41 -0800 (PST)
Received: from kmail.elvis.ru ([93.188.44.208]) by dpmail.elvis.ru with esmtp (Exim 4.89) (envelope-from <svan@elvis.ru>) id 1nPWUV-0007zz-4i; Thu, 03 Mar 2022 00:26:37 +0300
Received: from mail16.office.elvis.ru ([10.111.1.29] helo=mail.office.elvis.ru) by kmail.elvis.ru with esmtp (Exim 4.92) (envelope-from <svan@elvis.ru>) id 1nPWUU-0003dY-VB; Thu, 03 Mar 2022 00:26:35 +0300
Received: from MAIL16.office.elvis.ru (10.111.1.29) by MAIL16.office.elvis.ru (10.111.1.29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1779.2; Thu, 3 Mar 2022 00:26:34 +0300
Received: from chichi (10.100.101.22) by MAIL16.office.elvis.ru (10.111.1.29) with Microsoft SMTP Server id 15.1.1779.2 via Frontend Transport; Thu, 3 Mar 2022 00:26:34 +0300
From: Valery Smyslov <svan@elvis.ru>
To: 'Martin Duke' <martin.h.duke@gmail.com>, 'The IESG' <iesg@ietf.org>
CC: draft-ietf-ipsecme-ikev2-intermediate@ietf.org, ipsecme-chairs@ietf.org, ipsec@ietf.org, ynir.ietf@gmail.com
References: <164625223564.17953.1128366395669864994@ietfa.amsl.com>
In-Reply-To: <164625223564.17953.1128366395669864994@ietfa.amsl.com>
Date: Thu, 03 Mar 2022 00:26:30 +0300
Message-ID: <006701d82e7c$2ea5f480$8bf1dd80$@elvis.ru>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQJ+dqbm/PRBodiNUi9Y9ZJtYJe/watgAFnw
Content-Language: ru
X-CrossPremisesHeadersFilteredBySendConnector: MAIL16.office.elvis.ru
X-OrganizationHeadersPreserved: MAIL16.office.elvis.ru
X-KLMS-AntiSpam-Interceptor-Info: not scanned
X-KLMS-Rule-ID: 1
X-KLMS-Message-Action: clean
X-KLMS-AntiSpam-Status: not scanned, disabled by settings
X-KLMS-AntiPhishing: Clean, bases: 2022/02/20 23:15:00
X-KLMS-AntiVirus: Kaspersky Security for Linux Mail Server, version 8.0.3.30, bases: 2022/02/20 20:13:00 #18795747
X-KLMS-AntiVirus-Status: Clean, skipped
X-Spam-Scanner: Rspamd work in dpmail.elvis.ru, WHITELIST
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/hVuJqYtfyfIoXEYDXb-fuM_8kMw>
Subject: Re: [IPsec] Martin Duke's No Objection on draft-ietf-ipsecme-ikev2-intermediate-09: (with COMMENT)
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Mar 2022 21:26:49 -0000
Hi Martin, thank you for your comments. > Martin Duke has entered the following ballot position for > draft-ietf-ipsecme-ikev2-intermediate-09: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to > https://www.ietf.org/about/groups/iesg/statements/handling-ballot- > positions/ > for more information about how to handle DISCUSS and COMMENT > positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-ipsecme-ikev2-intermediate/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > (3.2) "Implementations MUST verify that Message IDs in the > IKE_INTERMEDIATE > messages [increment by 1]". Or what? In any case, isn't this fully enforced > by > the WINDOW_SIZE parameter in Sec 2.3 of RFC 7296? That is, if > WINDOW_SIZE == 1, > any message that doesn't increment by 1 will simply be ignored. If > WINDOW_SIZE > > 1, receiving an increment > 1 is in fact legal (due to packet loss) but the > window will not advance until all IDs are received? Your understanding is correct. These requirements are in RFC 7296 and may look redundant in this document. While it is not a good practice to repeat requirements from another document, it is done here for the purpose of bringing readers' attention to them, because for this particular exchange they are crucial for security. The way IKE_INTERMEDIATE exchanges are authenticated implies that chunks of data fed into the prf be in the order these exchanges took place. Scott Fluhrer suggested to reinforce the requirement to check Message ID in the draft (quoting his private e-mail with his permission): "... we need to be careful about Message ID handling; what we want to prevent is an attacker resending a previous encrypted IKE Intermediate message, and confusing things (which plausibly could happen if there were a large number of IKE intermediate exchanges, and the sides don't track all the message IDs that they've seen already). I would suggest that the draft state that the responder MUST verify that the message IDs received are increasing (or is that inferable from the IKE RFC?)." So, while it is basically repetition of what RFC 7296 says, it was decided to reiterate these requirement due to their importance for security. > (5) The security considerations hint at it with all the DoS talk, but it would > be valuable to place some limits on the kind of information that can be > contained in IKE_INTERMEDIATE and how it is processed. The document > doesn't > appear to explicitly restrict these messages to overflow from IKE_SA_INIT > messages, so if an extension sends e.g. user data in these what are the > implications? I'd suggest that applications not process such data until AUTH > exchange is complete. This document defines only the IKE_INTERMEDIATE exchange itself. It is expected that other documents will define its application and the types of data it contains. That said, I agree that IKE_INTERMEDIATE must only be used in those cases, when the data transferred needs to be processed before (or in) IKE_AUTH. So, it's not for transferring user data (and I hope no specification will use it for this purpose). I can add something like this: It is expected that the IKE_INTERMEDIATE exchange will only be used for transferring data that is needed to establish IKE SA and not for data that can be send later when this SA is established. Is it OK? > While I am not particularly happy with solely using the WINDOW_SIZE > mechanism > to regulate the amount of data in flight, IMO that is an issue with RFC 7296 > and not this document. Indeed. Thank you! Regards, Valery.
- [IPsec] Martin Duke's No Objection on draft-ietf-… Martin Duke via Datatracker
- Re: [IPsec] Martin Duke's No Objection on draft-i… Valery Smyslov
- Re: [IPsec] Martin Duke's No Objection on draft-i… Martin Duke
- Re: [IPsec] Martin Duke's No Objection on draft-i… Valery Smyslov
- Re: [IPsec] Martin Duke's No Objection on draft-i… Martin Duke