IETF Logo Mail Archive

Re: [IPsec] Last Call: <draft-kivinen-ipsecme-secure-password-framework-01.txt> (Secure Password Framework for IKEv2) to Informational RFC

Yaron Sheffer <yaronf.ietf@gmail.com> Thu, 28 July 2011 05:50 UTC

Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B9BC611E80A4; Wed, 27 Jul 2011 22:50:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.599
X-Spam-Level:
X-Spam-Status: No, score=-103.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4h35RoRmOZSe; Wed, 27 Jul 2011 22:50:10 -0700 (PDT)
Received: from mail-ww0-f44.google.com (mail-ww0-f44.google.com [74.125.82.44]) by ietfa.amsl.com (Postfix) with ESMTP id 588DD11E8089; Wed, 27 Jul 2011 22:50:09 -0700 (PDT)
Received: by wwe5 with SMTP id 5so1403995wwe.13 for <multiple recipients>; Wed, 27 Jul 2011 22:50:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=wFi8IvUotghE83t2Kb6ntbjZ+u8mlcxIh6gaASdcGzM=; b=YiUEVEfVwk4SzbEaEH1+AKB+QjJT3p7FncZGL886G2ebytXFVUNF2CJPmJ9W4WUgNd oGsIrbxzyZGTAGWslkhqR3GixritEQj7n9H26/bYSvSa69F0VatfQMsO8j35FhoTeoV9 6Hnz9CPKOSkd6xS5QLpmpMBU5oU4IO3zrD5HA=
Received: by 10.227.175.139 with SMTP id ba11mr880864wbb.23.1311832208382; Wed, 27 Jul 2011 22:50:08 -0700 (PDT)
Received: from [10.0.0.2] (bzq-79-179-237-205.red.bezeqint.net [79.179.237.205]) by mx.google.com with ESMTPS id fr7sm511121wbb.56.2011.07.27.22.50.05 (version=SSLv3 cipher=OTHER); Wed, 27 Jul 2011 22:50:07 -0700 (PDT)
Message-ID: <4E30F876.70200@gmail.com>
Date: Thu, 28 Jul 2011 08:49:42 +0300
From: Yaron Sheffer <yaronf.ietf@gmail.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20110624 Thunderbird/5.0
MIME-Version: 1.0
To: Dan Harkins <dharkins@lounge.org>
References: <20110727164459.29853.48303.idtracker@ietfa.amsl.com> <7C54FFE2-FFE0-4B4C-BF7E-142A6B10DF6B@checkpoint.com> <78B594BA-9406-44A2-AB8E-0BF5A425AEC1@vpnc.org> <7828ad8727dd860ccd6c5eb5acd52c19.squirrel@www.trepanning.net>
In-Reply-To: <7828ad8727dd860ccd6c5eb5acd52c19.squirrel@www.trepanning.net>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: IPsecme WG <ipsec@ietf.org>, Paul Hoffman <paul.hoffman@vpnc.org>, IETF-Discussion list <ietf@ietf.org>
Subject: Re: [IPsec] Last Call: <draft-kivinen-ipsecme-secure-password-framework-01.txt> (Secure Password Framework for IKEv2) to Informational RFC
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Jul 2011 05:50:10 -0000

Unfortunately Dan cannot accept that there may be objective, non 
political reasons for the group not to adopt his work. Which is the 
reason why three alternative proposals were published several months 
after his proposed PAKE solution.

As co-chairmen of ipsecme, Paul and I did our best to get the group to 
agree on a single solution, to the point where we both supported Dan's 
criteria for selecting such a solution. Unfortunately we failed: while 
the group supported a PAKE in IKEv2 "in the abstract", there was not 
enough energy to pick a single protocol for this purpose.

Back to the matter at hand: I am opposed to 
draft-kivinen-ipsecme-secure-password-framework. It has served its 
purpose when two of the proposals were changed to add method 
negotiation, and thus enable IKE peers to implement none, one or more of 
these methods. I believe the other justifications for this draft, 
including the preservation of IANA IKEv2 namespaces, are bogus. Adopting 
the rest of the framework would be a useless exercise.

Personally, given that all three current proposals are being advanced as 
Experimental outside the WG, I would argue that we are wasting far too 
much energy on this grand unified framework. And this includes the 
current mail exchange.

Thanks,
     Yaron

On 28.7.2011 08:02, Dan Harkins wrote:
>    Paul,
>
>    The existence of this draft shows a failure of YOUR leadership (and
> that of your co-chairman) of the working group. Consensus was achieved
> to add an authentication method based on a simple password yet you
> seemingly worked to do everything possible to create division in the
> working group and then stepped in to declare failure because no
> consensus existed.
>
>    We could've had a single standards-track solution to this problem over a
> year ago if you had treated the singular draft used to argue for addition
> of this work to the charter in the same way that you treated the singular
> draft used to argue for addition of "EAP only" authentication to the
> charter. The latter (authored by one of the chairmen) was advanced to
> standards track after receiving a whopping ZERO comments from the WG and
> the former was killed by the chairmen because the only comments on the
> list were from authors of competing drafts (after manufacturing the
> competition in the first place).
>
>    There was hostility by the IPsecME chairmen to this work item from
> the beginning and you worked to ensure its failure in the WG. Now you're
> against advancement of Tero's draft to forge the best possible outcome
> now? Not a surprise!
>
>    Put that hat back on, along with a sackcloth and ashes, and say "mea
> culpa".
>
>    Dan.
>
> On Wed, July 27, 2011 5:12 pm, Paul Hoffman wrote:
>> <hat location="off">
>>
>> On Jul 27, 2011, at 6:30 PM, Yoav Nir wrote:
>>
>>> I think this is a terrible idea.
>> +.5. I think is is a bad idea.
>>
>>> IKEv2 has a way for mutual authentication with a shared key.
>>>
>>> A concern was raised that this method was vulnerable to guessing if
>>> trivial shared keys were configured.
>>>
>>> There were several proposals for a better cryptographic method.
>>>
>>> The IPsecME working group failed to choose between them. This is not so
>>> surprising, because most participants are engineers, not cryptographers.
>>> Even those with some cryptographic background stayed silent because
>>> choosing between several cryptographic protocols is hard. IETF last
>>> calls and the IESG did not help much either.
>>>
>>> This draft represents a total shirking of our responsibility.
>> +.5. I think think it represents a shirking of our leadership's
>> responsibility. Our leadership said that they would deal with the issue if
>> the WG could not come to consensus, and the WG could not come to
>> consensus. Adding a layer of indirection that is mostly transparent is not
>> dealing with it.
>>
>>> Rather than decide on one protocol that is "best" or even arbitrarily
>>> choosing one that is "good enough", it proposes to build a framework so
>>> that everyone and their dog can have their own method. This is a
>>> nightmare for developers: since you can't know what method the peer will
>>> support, you have to implement all of them.
>>>
>>> If this had been a hierarchical organization, some manager would decide
>>> which of the methods gets developed (or published) and the others would
>>> be relegated to the recycle bin.
>>>
>>> The IETF is not like that and we seek to reach consensus. That's a good
>>> thing, but this time it's leading us to a really bad solution for
>>> interoperability, and a really bad solution for implementers.
>>>
>>> I am opposed to this draft.
>> +1
>>
>>
>> On Jul 27, 2011, at 6:52 PM, Tero Kivinen wrote:
>>
>>> Yoav Nir writes:
>>>> This draft represents a total shirking of our responsibility. Rather
>>>> than decide on one protocol that is "best" or even arbitrarily
>>>> choosing one that is "good enough", it proposes to build a framework
>>>> so that everyone and their dog can have their own method. This is a
>>>> nightmare for developers: since you can't know what method the peer
>>>> will support, you have to implement all of them.
>>> Partially yes, but unfortunately all of the authors of those actual
>>> protocols decided that they wanted to continue publishing those drafts
>>> as individual RFCs, and each of them used different way to negotiate
>>> them, so there was no way to even implement multiple of them.
>> Is this true? Because each has it's own way to negotiate its use, one
>> should be able to implement multiple of the competing proposals as-is,
>> yes?
>>
>>> At least this drafts gives you that option to implement multiple of
>>> them if you want. This draft only provides instructions for those
>>> other draft authors so they can at least common methods to negotiate
>>> the feature and use common method to trasmit data between peers.
>> True, but it is still punting the problem of us having just one.
>>
>> --Paul Hoffman
>>
>> _______________________________________________
>> IPsec mailing list
>> IPsec@ietf.org
>> https://www.ietf.org/mailman/listinfo/ipsec
>>
>
> _______________________________________________
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec

v2.23.0 | Report a Bug | By Email