IETF Logo Mail Archive

Re: [pcp] Comparison of PCP authentication

"Dan Wing" <dwing@cisco.com> Mon, 06 August 2012 21:19 UTC

Return-Path: <dwing@cisco.com>
X-Original-To: pcp@ietfa.amsl.com
Delivered-To: pcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 70A1F21E8082 for <pcp@ietfa.amsl.com>; Mon, 6 Aug 2012 14:19:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.191
X-Spam-Level:
X-Spam-Status: No, score=-110.191 tagged_above=-999 required=5 tests=[AWL=-0.192, BAYES_00=-2.599, J_CHICKENPOX_53=0.6, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2hRmCU70I2JY for <pcp@ietfa.amsl.com>; Mon, 6 Aug 2012 14:19:04 -0700 (PDT)
Received: from mtv-iport-1.cisco.com (mtv-iport-1.cisco.com [173.36.130.12]) by ietfa.amsl.com (Postfix) with ESMTP id 681D121E804D for <pcp@ietf.org>; Mon, 6 Aug 2012 14:19:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=dwing@cisco.com; l=9139; q=dns/txt; s=iport; t=1344287944; x=1345497544; h=from:to:cc:references:in-reply-to:subject:date: message-id:mime-version:content-transfer-encoding; bh=eQ64rywq1gp3hlTudeJzRgYXs8c/cdYoGczAO3U2/X4=; b=Tg5XBw/+ozVMuVfssLfVotPItVRW/KqqmYBaQuKbp6NPJyEhCIg75Lyc TRJ4ZuguxsJ0O3vcOl1eeW6QhBwTilH/Ct87x7sBFiOz5Ltc76EVerDss mx0iOe7GPINX5JJ4gI9ccCz2cKeNZlCqCky87JBOoRw0DsNrDvKlGJ/v6 I=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgEFAPMzIFCrRDoH/2dsb2JhbABFqhKPNoEHgiABAQEDAQEBAQUKARcQMgIIAwUHAQMCCQ4BAgQBAQEnBxkOFQoJCAEBBAESCQIQB4dlBQybCI1jkkOLSocEA4hNhQ2JA40SgWaCfw
X-IronPort-AV: E=Sophos;i="4.77,720,1336348800"; d="scan'208";a="51150360"
Received: from mtv-core-2.cisco.com ([171.68.58.7]) by mtv-iport-1.cisco.com with ESMTP; 06 Aug 2012 21:19:01 +0000
Received: from dwingWS (sjc-vpn3-793.cisco.com [10.21.67.25]) by mtv-core-2.cisco.com (8.14.5/8.14.5) with ESMTP id q76LJ1Ux002133; Mon, 6 Aug 2012 21:19:01 GMT
From: Dan Wing <dwing@cisco.com>
To: 'Margaret Wasserman' <mrw@lilacglade.org>, 'Alper Yegin' <alper.yegin@yegin.org>
References: <9B57C850BB53634CACEC56EF4853FF653B6EC381@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com> <7FE144CF-00E3-4451-8CBE-A6A684DB7CC4@yegin.org> <067d01cd73fd$765a6c50$630f44f0$@com> <D6D2DEED-C35A-45AB-8B72-96195C308DB9@yegin.org> <57FF0F8E-1B86-410F-8B6B-C4893A28222F@lilacglade.org>
In-Reply-To: <57FF0F8E-1B86-410F-8B6B-C4893A28222F@lilacglade.org>
Date: Mon, 06 Aug 2012 14:19:00 -0700
Message-ID: <075301cd7419$19557dd0$4c007970$@com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: Ac10DnhIECfuuNknRVyqZBU7iOOwuwACmqDw
Content-Language: en-us
Cc: pcp@ietf.org
Subject: Re: [pcp] Comparison of PCP authentication
X-BeenThere: pcp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PCP wg discussion list <pcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pcp>, <mailto:pcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pcp>
List-Post: <mailto:pcp@ietf.org>
List-Help: <mailto:pcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Aug 2012 21:19:05 -0000

> -----Original Message-----
> From: Margaret Wasserman [mailto:mrw@lilacglade.org]
> Sent: Monday, August 06, 2012 1:03 PM
> To: Alper Yegin
> Cc: Dan Wing; pcp@ietf.org
> Subject: Re: [pcp] Comparison of PCP authentication
> 
> 
> Hi Alper,
> 
> Thanks for your help with this!  While it would work to demultiplex on
> the first byte, as you indicate, there is a bit more to defining a
> demultiplexing solution than this...
> 
> Since this is UDP, there is nothing that inherently binds the PANA
> authentication to a particular (set of) PCP request(s).  So, we will
> need to make sure that the information passed in the authentication
> option is sufficient for the sever to securely determine that the
> client sending a the PCP request is the same client that initiated the
> PANA exchange and vice versa, just as we would need to do if PANA and
> PCP were run on separate ports.  I don't think this will be difficult,
> we just need to make sure that we achieve it.
> 
> Do you know what existing PANA implementations will do if the
> "Reserved" field at the start of the packet is non-zero?

Also, if an update to PANA allows 0b00000010 in that first octet, we will
have a problem.  It would be safer if we assign the last two bits in that
first octet of PANA to must-be-zero.  Perhaps via an Errata against the PANA
spec, if we decide this is the best solution.

> We should also consider the trade-offs between a demultiplexing
> approach (which allows us to run PANA and PCP separately over a single
> port), and an encapsulation approach (PANA encapsulated in PCP).  A
> demultiplexing approach is somewhat cleaner, in that we can process the
> whole message as a PANA or PCP message.  But, the encapsulation
> approach would allow us to gain some optimization by piggy-backing the
> first (and possibly the final?) messages of the PANA exchange in the
> original PCP request (and response?) to cut down on the number of
> messages needed to create a secure mapping. 

How many messages are we talking about (5?), and how much reduction 
could we see (reduction from 5 to 3??).

> Since the PCP exchange may
> happen as part of client connection set-up (while a user is waiting),
> cutting down on the number of messages exchanged could be valuable.
> 
> As discussed at the PCP meeting in Vancouver, we will be writing up
> both of these approaches soon, for further discussion on an interim
> phone call.

Looking forward to that.

-d


> Margaret
> 
> 
> On Aug 6, 2012, at 3:43 PM, Alper Yegin wrote:
> 
> 
> 
> 	PANA:
> 
> 
> 	    0                   1                   2                   3
> 	    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0
> 1
> 	   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
> +-+
> 	   |           Reserved            |        Message Length
> |
> 	   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
> +-+
> 	   |             Flags             |         Message Type
> |
> 	   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
> +-+
> 	   |                      Session Identifier
> |
> 	   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
> +-+
> 	   |                        Sequence Number
> |
> 	   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
> +-+
> 	   |  AVPs ...
> 	   +-+-+-+-+-+-+-+-+-+-+-+-+-
> 
> 
> 	   Reserved
> 
> 	      This 16-bit field is reserved for future use.  It MUST be
> set to
> 	      zero and ignored by the receiver.
> 
> 
> 
> 
> 	PCP:
> 
> 
> 	      0                   1                   2
> 3
> 	      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9
> 0 1
> 	     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
> +-+-+
> 	     |  Version = 2  |R|   Opcode    |         Reserved
> |
> 	     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
> +-+-+
> 	     |                 Requested Lifetime (32 bits)
> |
> 	     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
> +-+-+
> 	     |
> |
> 	     |            PCP Client's IP Address (128 bits)
> |
> 	     |
> |
> 	     |
> |
> 	     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
> +-+-+
> 	     :
> :
> 	     :             (optional) Opcode-specific information
> :
> 	     :
> :
> 	     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
> +-+-+
> 	     :
> :
> 	     :             (optional) PCP Options
> :
> 	     :
> :
> 	     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
> +-+-+
> 
> 
> 	First octet can be used for demux'ing.
> 
> 	Alper
> 
> 
> 
> 
> 
> 	On Aug 6, 2012, at 9:01 PM, Dan Wing wrote:
> 
> 
> 			-----Original Message-----
> 
> 
> 			From: pcp-bounces@ietf.org [mailto:pcp-
> bounces@ietf.org] On Behalf Of
> 
> 
> 			Alper Yegin
> 
> 
> 			Sent: Thursday, August 02, 2012 2:31 PM
> 
> 
> 			To: pcp@ietf.org
> 
> 
> 			Subject: [pcp] Comparison of PCP authentication
> 
> 
> 
> 			http://www.ietf.org/proceedings/84/slides/slides-84-
> pcp-10.pdf
> 
> 
> 
> 			Ah, isn't it odd that this beauty contest is run by
> one of the
> 
> 
> 			contestants? This material should have been prepared
> and presented by a
> 
> 
> 			neutral party.
> 
> 
> 
> 			One important question: With this proposal, are the
> authors advocating
> 
> 
> 			each protocol should come with their own in-band key
> management, more
> 
> 
> 			specifically embedding an EAP transport?
> 
> 
> 
> 
> 				what's the big deal of using the same port
vs
> different port? Is
> 
> 
> 			jamming all in the same port is a benefit?
> 
> 
> 
> 				"TLS is in-band"
> 
> 
> 
> 			- There's standalone use of TLS as "a separate" KMP.
> RFC 5705 is driven
> 
> 
> 			by the fact that some other protocols need to use
TLS
> as a "separate
> 
> 
> 			KMP".
> 
> 
> 			- TLS is basically "transport layer security",
> something that sits
> 
> 
> 			below the protocol one would be trying to secure. We
> are not doing
> 
> 
> 			that.
> 
> 
> 
> 		To throw another TLS thing into the mix:
> 
> 		DTLS-SRTP [RFC5764] uses the (D)TLS handshake to encrypt
> SRTP and is
> 		pretty well aligned with what we want for PCP -- we want a
> key
> 		exchange and then run the PCP protocol natively.  DTLS-SRTP
> has a
> 		normal DTLS handshake, followed by SRTP packets that appear
> normal
> 		on the wire (that is, the packets are RFC3711 packets which
> have
> 		their RTP headers in the clear).  It does this over the
> same socket,
> 		because the first byte indicates if the packet is DTLS,
> SRTP, or
> 		STUN (ICE), http://tools.ietf.org/html/rfc5764#section-
> 5.1.2.
> 
> 		At the meeting, I suggested we consider if PANA and PCP
> could
> 		be similarly demux'd.  Stuart suggested using some sort of
> GRE-
> 		like header if they cannot be demux'd.  Either approach
> would
> 		eliminate one of the objections of PANA, specifically its
> use
> 		of a separate port.
> 
> 		-d
> 
> 
> 
> 
> 
> 				are the EAP and PCP state machines
compatible?
> If marrying two
> 
> 
> 			protocols, one needs to pay attention to this. This
> was one of the
> 
> 
> 			reasons why EAPoDHCP did not work.
> 
> 
> 
> 				Does the EAP-over-PCP satisfy the "EAP lower
> layer requirements" as
> 
> 
> 			stated in RFC 3848? I had asked this question but
> don't remember seeing
> 
> 
> 			any response.
> 
> 
> 
> 				"Possible in-band optimization". Is this
> documented anywhere? It's
> 
> 
> 			not easy to understand how it works by looking at
> this slide.
> 
> 
> 
> 				PANA RFC 5191 was published in 2008, not
2011.
> It's adopted by Zigbee
> 
> 
> 			IP, ETSI TISPAN, and also ETSI M2M. Aside from two
> open-source
> 
> 
> 			implementations, multiple commercial implementations
> have successfully
> 
> 
> 			passed interop events in Zigbee Alliance.
> 
> 
> 
> 
> 
> 			* Need to specify the portions of PANA that don't
> need to be
> 
> 
> 			implemented
> 
> 
> 
> 			in a PCP PANA Client and Server (such as IP Address
> 
> 
> 			reconfiguration)
> 
> 
> 
> 
> 			>> this is just a single bit flag. We don't use it,
> and that's
> 
> 
> 			all we need to do about it.
> 
> 
> 			* Need to specify/describe interface between PANA
and
> PCP elements
> 
> 
> 
> 			>> this is an implementation issue, like how the
> other spec
> 
> 
> 			implementors would need to define the interface
> between the EAP and PCP
> 
> 
> 			for passing keys, etc.
> 
> 
> 
> 			* Need to specify how the PANA client finds the
> correct PANA Server
> 
> 
> 			for PCP Authentication (may be passed from PCP
> client?)
> 
> 
> 
> 			>> PCP server the the PAA are the same node.
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 	_______________________________________________
> 	pcp mailing list
> 	pcp@ietf.org
> 	https://www.ietf.org/mailman/listinfo/pcp
> 
>

v2.23.0 | Report a Bug | By Email