Re: [MEXT] Call for WG adoption of I-D: draft-korhonen-mext-mip6-altsec

[Julien Laganier <julien.ietf@gmail.com>]

Hello Jouni,

Please see inline:

On Mon, Feb 7, 2011 at 2:14 PM, Jouni <jouni.nospam@gmail.com> wrote:
> Hello Julien,
>
> On Feb 7, 2011, at 11:10 PM, Julien Laganier wrote:
>
>> Hi Jouni,
>>
>> On Sat, Feb 5, 2011 at 1:34 AM, jouni korhonen <jouni.nospam@gmail.com> wrote:
>>> Hi Julien,
>>>
>>>
>>> On Jan 29, 2011, at 1:10 AM, Laganier, Julien wrote:
>>>
>>>> None of these two points explains to me why you have to duplicate ESP functionality:
>>>>
>>>> 1) You have chosen to handle SPI differently, but I don't know why.
>>>
>>> That was a design decision for easily to detect the type of the UDP payload. In some other cases folks have used algorithms, hash functions and such to encode more information into the SPI but we thought that would an too much. Therefore, we just dedicated few bits of the SPI for additional information.
>>
>> Can't you use some bits at the beginning of the UDP payload instead of
>> overloading the SPI semantic? If so that would remove the different
>> SPI handling point.
>
> Do you mean like RFC3948? And then e.g. reusing the non-esp marker place holder but just in different ports..? That could most likely work.

That's a possibility too.

What I had in mind was that you define a new UDP encapsulation (as is
done in Arnaud's M6t draft) on top of which you have IPsec SAs to
protect DSMIPv6 signaling, and possibly different IPsec SAs to protect
user plane. If user plane needs not to be protected it would just be
layered cleartext on top of the UDP encapsulation. If you need to
indicate which UDP packets contains what for the scheme to work, you
can pick a fixed number of the first bytes of the payload to encode
whatever you need.

Then you define a new key exchange as you've been doing, based on TLS,
but that key exchange establish IPsec SAs in the stack, instead of
your protocol / software duplicating ESP functionality. Security wise
it is safer, and implementation wise it is easier. On Linux, *BSD,
SunOS, PFKEY is there. Having it in Linux already covers Android,
Maemo, Meego, etc.

If we do this, you simplify the interactions between IPsec and
DSMIPv6. You no longer have interactions with IKEv2. Your system is
modular and cleaner. I believe that it would satisfy the goals you set
when working out this approach.

>>>> 2) As to ESP being absent, if the goal is to not protect some of the user-plane traffic, you can use ESP-NULL, or just the UDP encap...
>>>
>>> Well, yes-ish. However, if I decided to send a packet without being protected, then after dispatching the packet (that is based on our SPI with type information) why would I need to do any further processing on it? If you got ESP-NULL, you still need to do additional processing like integrity check (if I were to follow ESP rules). I admit it might be "minor" but still.
>>>
>>> So, I'll just ask once more. If I were to use ESP format laid out in other RFC and reference to them to make sure the format processing goes right, is it OK for me then to go against all MUSTs and SHALLs for the rest of the ESP rules, for example when it comes to handling of ESP-NULL?
>>
>> Forget about ESP-NULL. The solution to pass user-plane traffic
>> unprotected is to pass it clear text over your UDP encapsulation. What
>
> Good.
>
>> is the problem with the rest of the ESP rules?
>
> Not a problem with ESP rules per se but I just want to be sure that using RFC4303 as-is does not imply the rest of the stuff we purposely ran away.

See above. If you provide the UDP encapsulation under IPsec ala M6t,
IPsec processing and DSMIPv6 processing is decoupled to the point that
your DSMIPv6 UDP tunneling code only need to check the CoA in outbound
packets (any address for BU, only registered CoA for data.) There
seems to be nothing left to run away from :-)

Please let me know what you think.

--julien