Re: Comments on draft-ietf-bfd-secure-sequence-numbers-12.txt

Jeffrey Haas <> Wed, 17 January 2024 16:24 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 24F3FC14CE5D; Wed, 17 Jan 2024 08:24:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id J4VuUrbwE9bg; Wed, 17 Jan 2024 08:24:00 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id E955EC14CE54; Wed, 17 Jan 2024 08:23:59 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTPSA id 1C8E71E039; Wed, 17 Jan 2024 11:23:59 -0500 (EST)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.\))
Subject: Re: Comments on draft-ietf-bfd-secure-sequence-numbers-12.txt
From: Jeffrey Haas <>
In-Reply-To: <>
Date: Wed, 17 Jan 2024 11:23:58 -0500
Cc: rtg-bfd WG <>,
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <> <> <> <> <> <> <> <> <> <> <>
To: Alan DeKok <>
X-Mailer: Apple Mail (2.3696.
Archived-At: <>
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 17 Jan 2024 16:24:01 -0000


On Jan 17, 2024, at 11:19 AM, Alan DeKok <> wrote:
>  Perhaps then this text.  Which both refers to the other draft, and then also says how such a switch impacts ISAAC.
>      <t>It is RECOMMENDED that implementations periodically use a
>      strong Auth Type for packets which maintain the session in an Up
>      state.  See <xref
>      target="I-D.ietf-bfd-optimizing-authentication">BFD
>      Authentication</xref> for appropriate procedures.</t>

This part is good.

>      <t>The nature of the Meticulous Keyed ISAAC method means that
>      there is no issue with this switch, so long as it is for a small
>      number of packets.  From the point of view of the Meticulous
>      Keyed ISAAC state machine, this switch can be handled similarly
>      to a lost packet.  The state machine simply notices that instead
>      of Sequence Number value being one more than the last value used
>      for ISAAC, it is larger by two.  The ISAAC state machine then
>      calculates the index into the current "page", and uses the found
>      number to validate (or send) the Auth Key.</t>

The fundamental issue here is that once we've selected a seed, we need to maintain the ISAAC pages vs. the page base we've selected.

As you note above, if we switch out of ISAAC mode for a few packets, this is no different than "lost packets" from the perspective of figuring out what our next page should be.  I.e., we should only need to flip a page or two.

Alternatively, if the ISAAC page is maintained with the sequence number no matter what on the presumption that we will eventually move back to ISAAC, there's no issues.

Noting that we do not have procedure to permit a new seed to be exchanged as the limiting factor causing the above is appropriate justification.

-- Jeff