Re: [secdir] secdir review of draft-ietf-ipsecme-ikev2-ipv6-config-02.txt
<Pasi.Eronen@nokia.com> Fri, 16 October 2009 11:18 UTC
Return-Path: <Pasi.Eronen@nokia.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6A4FA3A6824; Fri, 16 Oct 2009 04:18:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.566
X-Spam-Level:
X-Spam-Status: No, score=-6.566 tagged_above=-999 required=5 tests=[AWL=0.033, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sDoCnBpzpac5; Fri, 16 Oct 2009 04:18:29 -0700 (PDT)
Received: from mgw-mx09.nokia.com (smtp.nokia.com [192.100.105.134]) by core3.amsl.com (Postfix) with ESMTP id 8200A3A67CF; Fri, 16 Oct 2009 04:18:29 -0700 (PDT)
Received: from vaebh106.NOE.Nokia.com (vaebh106.europe.nokia.com [10.160.244.32]) by mgw-mx09.nokia.com (Switch-3.3.3/Switch-3.3.3) with ESMTP id n9GBI9dg022182; Fri, 16 Oct 2009 06:18:31 -0500
Received: from vaebh104.NOE.Nokia.com ([10.160.244.30]) by vaebh106.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.3959); Fri, 16 Oct 2009 14:18:23 +0300
Received: from smtp.mgd.nokia.com ([65.54.30.7]) by vaebh104.NOE.Nokia.com over TLS secured channel with Microsoft SMTPSVC(6.0.3790.3959); Fri, 16 Oct 2009 14:18:18 +0300
Received: from NOK-EUMSG-01.mgdnok.nokia.com ([65.54.30.86]) by nok-am1mhub-03.mgdnok.nokia.com ([65.54.30.7]) with mapi; Fri, 16 Oct 2009 13:18:18 +0200
From: Pasi.Eronen@nokia.com
To: dave.cridland@isode.com, secdir@ietf.org, iesg@ietf.org, julienl@qualcomm.com, cmadson@cisco.com
Date: Fri, 16 Oct 2009 13:18:17 +0200
Thread-Topic: secdir review of draft-ietf-ipsecme-ikev2-ipv6-config-02.txt
Thread-Index: AcpGglvNPwIUeRb/QYqgl0FsfKOUywHzw7Pg
Message-ID: <808FD6E27AD4884E94820BC333B2DB773C09A4472C@NOK-EUMSG-01.mgdnok.nokia.com>
References: <15898.1254832898.040887@puncture>
In-Reply-To: <15898.1254832898.040887@puncture>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginalArrivalTime: 16 Oct 2009 11:18:18.0549 (UTC) FILETIME=[5CD8FE50:01CA4E52]
X-Nokia-AV: Clean
Subject: Re: [secdir] secdir review of draft-ietf-ipsecme-ikev2-ipv6-config-02.txt
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Oct 2009 11:18:30 -0000
(replying as document author, not AD) Thanks for your review, Dave! > The Security Considerations section is actually quite unclear to me - > at first glance, the opening phrase suggests that the solution does > indeed do the thing it warns against, that is, assigning each client > a unique, and therefore identifiable, prefix. It indeed does this, and the paragraph should be clearer about it. Perhaps something like this? The mechanism described in this document assigns each client a unique prefix, which makes using randomized interface identifiers [RFC4941] ineffective from privacy point of view: the client is still uniquely identified by the prefix. [...] > It also fails to draw the reader's attention to any other relevent > considerations - I'm assuming that the two and a half pages of > security considerations in RFC 4306 have some direct relevance here. Since this is a very small extension to RFC 4306, indeed all the security considerations of RFC 4306 still apply. Perhaps we should add something like: Since this document is an extension to IKEv2, the security considerations in [IKEv2] apply here as well. > Also, the informative references noted in the Acknowledgements > section would appear to have some potentially important security > considerations - for example, RFC 4891's final consideration is: > > Please note that using IPsec for the scenarios described in > Figures 1, 2, and 3 does not aim to protect the end-to-end > communication. It protects just the tunnel part. It is still > possible for an IPv6 endpoint not attached to the IPsec tunnel to > spoof packets. > > ... given that IKEv2's previous support for IPv6 limited it to a > single host at the client end, one assumes that this document > introduces at least this security consideration. I don't think RFC 4891 is relevant here; remote access VPNs are almost never end-to-end, and the situation is the same with IPv4 and IPv6. So this document doesn't introduce anything new here... Best regards, Pasi
- [secdir] secdir review of draft-ietf-ipsecme-ikev… Dave Cridland
- Re: [secdir] secdir review of draft-ietf-ipsecme-… Pasi.Eronen
- Re: [secdir] secdir review of draft-ietf-ipsecme-… Dave Cridland
- Re: [secdir] secdir review of draft-ietf-ipsecme-… Pasi.Eronen
- Re: [secdir] secdir review of draft-ietf-ipsecme-… Laganier, Julien