Re: [secdir] SECDIR review of draft-ietf-hokey-key-mgm

"Glen Zorn" <glenzorn@comcast.net> Tue, 11 August 2009 01:24 UTC

Return-Path: <glenzorn@comcast.net>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D14263A6F82 for <secdir@core3.amsl.com>; Mon, 10 Aug 2009 18:24:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EwxllSJ-vLKr for <secdir@core3.amsl.com>; Mon, 10 Aug 2009 18:24:30 -0700 (PDT)
Received: from QMTA03.emeryville.ca.mail.comcast.net (qmta03.emeryville.ca.mail.comcast.net [76.96.30.32]) by core3.amsl.com (Postfix) with ESMTP id 30F3928C181 for <secdir@ietf.org>; Mon, 10 Aug 2009 18:23:53 -0700 (PDT)
Received: from OMTA04.emeryville.ca.mail.comcast.net ([76.96.30.35]) by QMTA03.emeryville.ca.mail.comcast.net with comcast id SlBA1c0050lTkoCA3pPxtA; Tue, 11 Aug 2009 01:23:57 +0000
Received: from gwzPC ([71.231.55.1]) by OMTA04.emeryville.ca.mail.comcast.net with comcast id SpPv1c00d01ae1j8QpPw3c; Tue, 11 Aug 2009 01:23:57 +0000
From: Glen Zorn <glenzorn@comcast.net>
To: 'Kurt Zeilenga' <Kurt.Zeilenga@Isode.com>
References: <369289D9-6E39-4673-B50E-0090BBBB6EB2@Isode.com> <00bf01ca19e0$1b703e70$5250bb50$@net> <B1002512-9406-4681-965C-17A7C189DF98@Isode.com>
In-Reply-To: <B1002512-9406-4681-965C-17A7C189DF98@Isode.com>
Date: Mon, 10 Aug 2009 18:23:30 -0700
Message-ID: <004f01ca1a22$56af4de0$040de9a0$@net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AcoZ6RjwgdOHSJLUTSaXyXUToQZhhgAKfEsg
Content-Language: en-us
Cc: gwz@net-zen.net, draft-ietf-hokey-key-mgm@tools.ietf.org, iesg@ietf.org, secdir@ietf.org
Subject: Re: [secdir] SECDIR review of draft-ietf-hokey-key-mgm
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Aug 2009 01:24:30 -0000

Kurt Zeilenga [mailto:Kurt.Zeilenga@Isode.com] writes:

> On Aug 10, 2009, at 10:29 AM, Glen Zorn wrote:
> 
> > Kurt Zeilenga [mailto://Kurt.Zeilenga@Isode.com] writes:
> >
> > ...
> >
> >> The security consideration starts by saying:
> >>    This section provides security requirements and an analysis on
> >> transporting EAP keying material using an AAA protocol.
> >> While 6.1 appears to provide the former, 6.2 (the remaining section)
> >> seems to discuss a particular concern in transporting EAP keying
> >> material in an APP protocol.
> >
> > No.  AFAIK, the only existing protocols in which EAP key transport
> > take
> > place are AAA.
> 
> My point that Section 6 description of what section 6.2 provides seems
> not equate (to me) to what 6.2 actually provides.  6.2 seems to
> discuss a particular issue in "transporting EAP keying material using
> an AAA protocol" as opposed to a more comprehensive "analysis on
> transporting EAP keying material using an AAA protocol".

OK.  Can you be a little more specific about what needs to be changed?  

...

> >> I would like to see the Security Consideration section to
> incorporate
> >> by informative references general discussions of security
> >> considerations for key technologies (e.g., EAP).
> >
> > Why?  The EAP (or ERP) authentication is by definition complete by
> > the time
> > any keys are exported by the EAP method, so it's hard to see how
> those
> > considerations are relevant.
> 
> As the document discusses use of KDE in ERP, it would seem to me that
> ERP security considerations would have some relevance.  

Thanks for pointing that out.  In fact, the document should _not_ talk about
the use of KDE in ERP, since it doesn't exist ;-).  Re-re-re-reading ;-)
section 6 (which is what I think you are talking about?), I noticed
A couple of other errors, too.  For example, section 3 says "Here,
EAP-Initiate and EAP-Finish messages are exchanged between the peer and the
home AAA server, with the bootstrapping flag in the EAP-Initiate message
set"; unfortunately, this is impossible, since the peer and AAA server do
not speak the same protocol.  Another example of the same kind of fuzzy
writing is in the second paragraph of the same section: "In this case, the
local ER server requesting the DSRK MUST include a KDE-Request message in
the first EAP-Response   message from the peer".  This _should_ say " In
this case, the local ER server requesting the DSRK MUST include a
KDE-Request message in the AAA packet encapsulating the first EAP-Response
message from the peer" in order to agree with RFC 5296 (in fact, though,
there's no need for the local ERP server to be involved in this at all,
except that that is (erroneously, I think) specified in 5296).
        
...