IETF Logo Mail Archive

Re: Failure of AH

Michael Richardson <mcr+ietf@sandelman.ca> Tue, 21 March 2017 14:57 UTC

Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 584241299D3 for <ipv6@ietfa.amsl.com>; Tue, 21 Mar 2017 07:57:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6HJXH7o8effK for <ipv6@ietfa.amsl.com>; Tue, 21 Mar 2017 07:57:16 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 02D961299BB for <ipv6@ietf.org>; Tue, 21 Mar 2017 07:57:14 -0700 (PDT)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 6D70220183 for <ipv6@ietf.org>; Tue, 21 Mar 2017 11:20:40 -0400 (EDT)
Received: from obiwan.sandelman.ca (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 44AFE636BB for <ipv6@ietf.org>; Tue, 21 Mar 2017 10:57:13 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: 6man WG <ipv6@ietf.org>
Subject: Re: Failure of AH
In-Reply-To: <a9e919b4-df76-f8d1-a7a9-3a632fc03b23@gmail.com>
References: <599257D7-532D-4512-929B-D124623EAF35@ericsson.com> <37ED3E78-B23A-4D29-8597-5A63236129B1@cisco.com> <887bd0f0-32a5-56f1-9ac9-703ecb97a760@gmail.com> <80D8FFF0-2674-48A7-A935-11681F5C5A4D@jisc.ac.uk> <A67E1C07-282B-4422-A2FF-86F6CACBD775@cable.comcast.com> <ab7c95a5-9776-24b5-7c26-4c5987d4c948@isi.edu> <ed2f5144-52fb-dda5-1fb4-62be1625b341@gmail.com> <401F52B1-3D41-4174-9425-50571B2D0B9E@jisc.ac.uk> <6d51de4b-3a9d-0f34-1cd2-5bb30caed75e@gmail.com> <DE16D91D-AE7B-4D3C-B8EA-0CB644FB96BD@cable.comcast.com> <CA+b+ER=6dXLiwvLJa84uvpVeH0daGnZ-06P16JD0UutTrbUYyA@mail.gmail.com> <2a808465-58c9-1d5e-700b-f04043b33c1c@gmail.com> <32305.1489937663@obiwan.sandelman.ca> <0e628656-f8b2-effb-9f93-2efe6b0ee4c5@gmail.com> <11502.1489948766@obiwan.sandelman.ca> <735862da-0e36-b36d-5f0f-0c25245c0f2a@huitema.net> <18061.1490019476@obiwan.sandelman.ca> <a9e919b4-df76-f8d1-a7a9-3a632fc03b23@gmail.com>
X-Mailer: MH-E 8.6; nmh 1.6+dev; GNU Emacs 24.5.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Date: Tue, 21 Mar 2017 10:57:13 -0400
Message-ID: <28840.1490108233@obiwan.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/69GfuZoiXFosfvr3o4HiONTC77M>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Mar 2017 14:57:17 -0000

Brian E Carpenter <brian.e.carpenter@gmail.com> wrote:
    > On 21/03/2017 03:17, Michael Richardson wrote: ...
    >> So I'm just not worried about breaking AH.

    > That's well understood for today's AH. What bothers me is that if we
    > allowed en-route changes to headers now, without thinking this aspect
    > through, we might make any future AH-like authentication mechanism
    > impossible too. So at a minimum, we'd have to be sure that inserted,
    > modifiable and deletable headers are marked in some way that will allow
    > them to be excluded from authentication. That was thought about years
    > ago for IPv6 options, but not for extension headers.

a) AH was invented in the early 1990s, and was a response to the realization
   that we might not get a cryptographic system out of the US that included
   encryption.

b) it has never been useful for authenticating IPv6 headers.  The one time
   that we got close was SEND, and we specified the "unknown SPI" behaviour
   wrong so we couldn't do SEND as AH+ICMP unless we had a flag day.

c) I would claim that the headers that would most benefit from being
   authenticated would ones inserted mid-path :-)
   That argues actually for IPIP encapsulation of those headers so that
   the trust anchor is the IPv6 src address. (but, AH SPI# are allocated by
   destinations, not senders, so AH is also wrong for that)

   But, we have inadequately documented IPIP header decapsulation by end
   hosts, explaining that they should ignore AH (or AHng) headers that they
   do not understand.

d) does 7045 even give us enough power to create AHng?  I didn't read it
   that way.

I'm just not convinced that "breaks IPsec" is a valid concern.
(And I weep saying this)


--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-

v2.23.0 | Report a Bug | By Email