Re: [secdir] SECDIR review of draft-ietf-hokey-key-mgm
"Hoeper Katrin-QWKN37" <khoeper@motorola.com> Wed, 12 August 2009 14:51 UTC
Return-Path: <khoeper@motorola.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 714123A6A59; Wed, 12 Aug 2009 07:51:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z9viCqFLXKpj; Wed, 12 Aug 2009 07:51:35 -0700 (PDT)
Received: from mail128.messagelabs.com (mail128.messagelabs.com [216.82.250.131]) by core3.amsl.com (Postfix) with SMTP id 478523A67D9; Wed, 12 Aug 2009 07:51:35 -0700 (PDT)
X-VirusChecked: Checked
X-Env-Sender: khoeper@motorola.com
X-Msg-Ref: server-15.tower-128.messagelabs.com!1250088453!1202750!1
X-StarScan-Version: 6.1.3; banners=-,-,-
X-Originating-IP: [136.182.1.14]
Received: (qmail 18164 invoked from network); 12 Aug 2009 14:47:34 -0000
Received: from motgate4.mot.com (HELO motgate4.mot.com) (136.182.1.14) by server-15.tower-128.messagelabs.com with DHE-RSA-AES256-SHA encrypted SMTP; 12 Aug 2009 14:47:34 -0000
Received: from il27exr04.cig.mot.com (il27exr04.mot.com [10.17.196.73]) by motgate4.mot.com (8.14.3/8.14.3) with ESMTP id n7CElX4a026403; Wed, 12 Aug 2009 07:47:33 -0700 (MST)
Received: from de01exm68.ds.mot.com (de01exm68.am.mot.com [10.176.8.24]) by il27exr04.cig.mot.com (8.13.1/8.13.0) with ESMTP id n7CElS1Y019924; Wed, 12 Aug 2009 09:47:33 -0500 (CDT)
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 12 Aug 2009 10:47:06 -0400
Message-ID: <3A241A6B234BE948B8B474D261FEBC2F06555DF9@de01exm68.ds.mot.com>
In-Reply-To: <010e01ca1afe$d9c82b70$8d588250$@net>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
thread-topic: [secdir] SECDIR review of draft-ietf-hokey-key-mgm
thread-index: AcoZ6RjwgdOHSJLUTSaXyXUToQZhhgAKfEsgAC8KAkAAC4hLEAAXTyvg
References: <369289D9-6E39-4673-B50E-0090BBBB6EB2@Isode.com> <00bf01ca19e0$1b703e70$5250bb50$@net> <B1002512-9406-4681-965C-17A7C189DF98@Isode.com> <004f01ca1a22$56af4de0$040de9a0$@net> <3A241A6B234BE948B8B474D261FEBC2F06555C24@de01exm68.ds.mot.com> <010e01ca1afe$d9c82b70$8d588250$@net>
From: Hoeper Katrin-QWKN37 <khoeper@motorola.com>
To: Glen Zorn <gwz@net-zen.net>, Glen Zorn <glenzorn@comcast.net>, Kurt Zeilenga <Kurt.Zeilenga@Isode.com>
Cc: draft-ietf-hokey-key-mgm@tools.ietf.org, iesg@ietf.org, secdir@ietf.org
Subject: Re: [secdir] SECDIR review of draft-ietf-hokey-key-mgm
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Aug 2009 14:51:36 -0000
To sum up the previous discussion, here my proposed 3 changes to draft-ietf-hokey-key-mgm-09.txt to address Kurt's and Glen's comments. Please let me know if the changes are sufficient. 1. OLD (Section 5, second paragraph) In this case, the local ER server requesting the DSRK MUST include a KDE-Request message in the first EAP-Response message from the peer. NEW In this case, the local ER server requesting the DSRK MUST include a KDE-Request message in the AAA packet encapsulating the first EAP-Response message from the peer. 2. OLD (Section 5, third paragraph) Here, EAP-Initiate and EAP-Finish messages are exchanged between the peer and the home AAA server, with the bootstrapping flag in the EAP-Initiate message set. In this case, the local ER server (acting as KRS) MUST include a KDE-Request message in the AAA message that carries an EAP-Initiate message with the bootstrapping flag turned on. NEW Here, the peer sends an EAP-Initiate message with the bootstrapping flag turned on. The local ER server (acting as KRS) MUST include a KDE-Request message in the AAA message that carries the peer's EAP-Initiate message and sends it to the peer's home AAA server. 3. OLD (Section 6, first paragraph) This section provides security requirements and an analysis on transporting EAP keying material using an AAA protocol. NEW This section provides security requirements and a discussion of distributing RK without peer consent. Best regards, Katrin > -----Original Message----- > From: Glen Zorn [mailto:gwz@net-zen.net] > Sent: Tuesday, August 11, 2009 10:42 PM > To: Hoeper Katrin-QWKN37; 'Glen Zorn'; 'Kurt Zeilenga' > Cc: secdir@ietf.org; iesg@ietf.org; draft-ietf-hokey-key- > mgm@tools.ietf.org > Subject: RE: [secdir] SECDIR review of draft-ietf-hokey-key-mgm > > Hoeper Katrin-QWKN37 [mailto:khoeper@motorola.com] writes: > > ... > > > > Thanks for pointing that out. In fact, the document should _not_ > > talk > > > about > > > the use of KDE in ERP, since it doesn't exist ;-). Re-re-re-reading > > ;-) > > > section 6 (which is what I think you are talking about?), I noticed > > > A couple of other errors, too. For example, section 3 says "Here, > > > EAP-Initiate and EAP-Finish messages are exchanged between the peer > > and > > > the > > > home AAA server, with the bootstrapping flag in the EAP-Initiate > > message > > > set"; unfortunately, this is impossible, since the peer and AAA > > server > > do > > > not speak the same protocol. Another example of the same kind of > > fuzzy > > > writing is in the second paragraph of the same section: "In this > > case, > > the > > > local ER server requesting the DSRK MUST include a KDE-Request > > message > > in > > > the first EAP-Response message from the peer". This _should_ say " > > In > > > this case, the local ER server requesting the DSRK MUST include a > > > KDE-Request message in the AAA packet encapsulating the first > > EAP-Response > > > message from the peer" in order to agree with RFC 5296 (in fact, > > though, > > > there's no need for the local ERP server to be involved in this at > > all, > > > except that that is (erroneously, I think) specified in 5296). > > > > > > ... > > > > > [KH] Glen, I think you are talking about Section 5 not 3, are you > > looking at the current version > > (http://ietfreport.isoc.org/all-ids/draft-ietf-hokey-key-mgm-09.txt)? > > > > Could you please re-check? I am sure your comments still apply, but I'd > > like to know which parts are affected. > > Yes, you're right. I really hate it when people change documents in the > middle of reviews. It's really annoying, especially since I just did it > myself a couple of days ago ;-). > > > > > AFAIK, Section 5 is in complete alignment with RFC 5296 and uses the > > same terminology and same protocol description. I understand that there > > are some problems in RFC 5296 and there is a request for errata > > (http://www.rfc-editor.org/errata_search.php?rfc=5296&eid=1825). > > > > Should I wait until this (and possibly other) errata has been approved > > and then modify the key management draft accordingly? If I make changes > > now, with the current RFC 5296, we would have a description on how to > > use KDE with ERP that does not match the description in RFC 5296. > > The problem is that RFC 5296 says to do things that just aren't possible, > so > we have a situation where we can either continue to create incorrect > specifications or correctly specify behavior that contradicts a published > RFC. Personally, I'd go for the latter: change the draft to specify what > the authors of 5296 obviously _meant_ to say & update 5296 later.
- [secdir] SECDIR review of draft-ietf-hokey-key-mgm Kurt Zeilenga
- Re: [secdir] SECDIR review of draft-ietf-hokey-ke… Glen Zorn
- Re: [secdir] SECDIR review of draft-ietf-hokey-ke… Kurt Zeilenga
- Re: [secdir] SECDIR review of draft-ietf-hokey-ke… Glen Zorn
- Re: [secdir] SECDIR review of draft-ietf-hokey-ke… Kurt Zeilenga
- Re: [secdir] SECDIR review of draft-ietf-hokey-ke… Glen Zorn
- Re: [secdir] SECDIR review of draft-ietf-hokey-ke… Hoeper Katrin-QWKN37
- Re: [secdir] SECDIR review of draft-ietf-hokey-ke… Glen Zorn
- Re: [secdir] SECDIR review of draft-ietf-hokey-ke… Hoeper Katrin-QWKN37
- Re: [secdir] SECDIR review of draft-ietf-hokey-ke… Hoeper Katrin-QWKN37
- Re: [secdir] SECDIR review of draft-ietf-hokey-ke… Kurt Zeilenga