IETF Logo Mail Archive

Re: [IPsec] IPSECKEY algorithm number oddity (and draft-kivinen-ipsecme-oob-pubkey)

Michael Richardson <mcr+ietf@sandelman.ca> Sat, 21 March 2015 00:03 UTC

Return-Path: <mcr@sandelman.ca>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BDFFE1ACEAA for <ipsec@ietfa.amsl.com>; Fri, 20 Mar 2015 17:03:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.911
X-Spam-Level:
X-Spam-Status: No, score=-1.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7jfIukDWqUaN for <ipsec@ietfa.amsl.com>; Fri, 20 Mar 2015 17:03:02 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6A2801ACEA9 for <ipsec@ietf.org>; Fri, 20 Mar 2015 17:03:02 -0700 (PDT)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 462A6203BB for <ipsec@ietf.org>; Fri, 20 Mar 2015 20:12:39 -0400 (EDT)
Received: by sandelman.ca (Postfix, from userid 179) id 1738A63B76; Fri, 20 Mar 2015 20:03:00 -0400 (EDT)
Received: from sandelman.ca (localhost [127.0.0.1]) by sandelman.ca (Postfix) with ESMTP id EC14B636B6 for <ipsec@ietf.org>; Fri, 20 Mar 2015 20:03:00 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: "ipsec@ietf.org WG" <ipsec@ietf.org>
In-Reply-To: <alpine.LFD.2.10.1503201443170.8576@bofh.nohats.ca>
References: <alpine.LFD.2.10.1503092223260.27452@bofh.nohats.ca> <5250.1426859153@sandelman.ca> <alpine.LFD.2.10.1503201443170.8576@bofh.nohats.ca>
X-Mailer: MH-E 8.6; nmh 1.3-dev; GNU Emacs 24.4.2
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha1"; protocol="application/pgp-signature"
Date: Fri, 20 Mar 2015 20:03:00 -0400
Message-ID: <821.1426896180@sandelman.ca>
Sender: mcr@sandelman.ca
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipsec/urJ7LaPmld969kZ1V7kYjmaePjU>
Subject: Re: [IPsec] IPSECKEY algorithm number oddity (and draft-kivinen-ipsecme-oob-pubkey)
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 21 Mar 2015 00:03:04 -0000

Paul Wouters <paul@nohats.ca> wrote:
    >> Paul Wouters <paul@nohats.ca> wrote:
    >> > I was looking at the interaction of draft-kivinen-ipsecme-oob-pubkey and
    >> > IPSECKEY, since IPSECKEY has an algorithm number but oob-pubkey uses the
    >> > SubjectPublicKeyInfo that encodes the algorithm in the SPKI value
    >> > itself.
    >> 
    >> IPSECKEY having been authored some significant time prior to IKEv2, otherwise
    >> it would have reused some IKEv2 registry for the algorithm number.

    > I understand, but even for IKEv2 there will be no all knowing registry
    > of valid algorithm numbers once we allow any kind of SPKI.

Sure, that makes sense, but wasn't the point of punting it all to
SubjectPublicKeyInfo, because if you are going to do new assymetric
algorithms, you are going to have to define how the signature works, and so
specify that part anyway?

    >> > Then I noticed that in fact the registry is a two octet value, while in
    >> > the IPSECKEY record this is a one octet value:
    >> 
    >> > https://tools.ietf.org/html/rfc4025#section-2.1
    >> 
    >> > That's clearly a bug. Is it worth filing an ERRATA for this or should we
    >> > wait and see if we will replace IPSECKEY anyway?
    >> 
    >> But, IPSECKEY doesn't use an IKEv2 parameter, it has it's own registry.
    >> What you write above seems to suggest that it somehow references the IKEv2
    >> registry.  Maybe I don't understand the email.

    > I guess you are right here. I thought it would map 1:1 to:

    > https://www.iana.org/assignments/ipsec-registry/ipsec-registry.xhtml#ipsec-registry-8

    > I guess I wasn't around the IETF at this time so I'm not sure why
    > IPSECKEY had to have its own registry.

I'd say that the IKEv1 registry wasn't easy to reference, IANA was kinda a
mess on those days, and IKEv2 was coming soon...  In hindsight, it should
have referenced something else.  Also the IPSECKEY was the first RR that went
through in what was supposed to be the "easier" RR approval process, and I
think that any additional references would have scared the reviewers over
there.  

    > It still means you cannot use all IKE(v2) algorithms in IPSECKEY
    > records. Who determines which ones are allowed and what are the
    > selection criteria?

I think that ipsecme-oob-pubkey could add new items to the algorithm field,
which is defined as IETF Consensus.  I suggest adding one, which says that it
comes in SubjectPublicKeyInfo format:

    >> If we were to do anything, I'd say that we should create IPSECKEY algorithm
    >> type 3, and say that it uses the same SubjectPublicKeyInfo minimal ASN.1
    >> encoding that oop-pubkey uses.

    > Except if you have multiple algorithms, you can no longer use the
    > IPSECKEY record to lookup which one to use. Does the remote want RSA or
    > ECDSA? Well it will take some SPKI but you won't know until you're in
    > IKE_AUTH (and they possibly rejected yours)

We have that problem right now: one could have RSA or DSA RR.
How is this any different?  I think that IKEv2 has no requirement that the
two ends authenticate with the same algorithm.   I agree that this makes it
difficult to know which of many algorithms to use; I think the answer is
that CERTREQ payloads must be present.







-- 
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-

v2.23.0 | Report a Bug | By Email