Re: [Secdispatch] Controller-IKE
Richard Barnes <rlb@ipv.sx> Sun, 21 July 2019 14:19 UTC
Return-Path: <rlb@ipv.sx>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 25CD6120075 for <secdispatch@ietfa.amsl.com>; Sun, 21 Jul 2019 07:19:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ipv-sx.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5mujmF4m-EAR for <secdispatch@ietfa.amsl.com>; Sun, 21 Jul 2019 07:19:37 -0700 (PDT)
Received: from mail-ot1-x333.google.com (mail-ot1-x333.google.com [IPv6:2607:f8b0:4864:20::333]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ECAED120020 for <secdispatch@ietf.org>; Sun, 21 Jul 2019 07:19:36 -0700 (PDT)
Received: by mail-ot1-x333.google.com with SMTP id j19so37552718otq.2 for <secdispatch@ietf.org>; Sun, 21 Jul 2019 07:19:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipv-sx.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Emux27tcfus2l6NEdEyn4wq8sBLv5QrzftjHqAx2vt8=; b=lAG9Lw1QFrV/P1jRmJFr8DbGHCoKbJo1I42pfIOxYcj8OF/6lzssjnMWYc/iAbJ9dn fhOh3Nq8yah4s9hbHyGZTBWCN1Z0eKNs9VP3jQVmcXcL+EpahRiMthgdqeXDacxBgX2T sKHs5xSuDqsrs2zaaP46GCI4l6AaaVyHpJp7wzfDBabpIzC0PN2A/gcS6s87voA2ob/L L6QriySn/MbZUTR5xtaU6yBLYTJI9y1tROwlrQo+g3DEW0/cf7TJwGQgf5HRqLNzl6YK jkwui/A8BIWbKzvOuXT1YudbUxtjZJFA4raUpOIhIvpzdOdidNtpPASgGRBFdLeB8/oJ W3qA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Emux27tcfus2l6NEdEyn4wq8sBLv5QrzftjHqAx2vt8=; b=bwTQyVFE34slldNxcJwqqHtFdsN+KVEo3o+R7NuJXKZxMK1rR7C/9YYFwZLBFCcS5i uQuKcKcH4E5cOK99ESQ+/QW+34ge4HXMvXpEu/DJwqOLMK7Dud9UMRGI0vThTgkVtQ4v 8t66QewP5C8cMNoi+qkoe5pc6It8muPZCwbc6e+yFbP8/1pD6wPCq4hyNicI0X46os8M wmxuDcZBVldLhyzeC5GIqJ+Wxr5fdB33vrZ8yCupraK8sOf/Zfc3FIHyA+K3yF4yA/Zf Bgy3R2J2ElCliAnVBupcIbo0QaSqQ0u/7DBmk8ipmtIpgnyMXQ8Y/25UZljYXoGneW1q O6LA==
X-Gm-Message-State: APjAAAVGYkWMwgZul7apudwmHBCUeWcPd77qrm80N3ghAaQemQ7Uj0Xj sfp+5vGHT28h2C8zoxf6GbXOAsksLbqYb9/2xZY=
X-Google-Smtp-Source: APXvYqwhmAAhMZtUn59NpvvmdObkrJQnjWLD79Al2sOV7Tu5sID0GoxuKRpBgFdAVb9vKPG8FYCUqLZ1XxK7eKp+2Ig=
X-Received: by 2002:a9d:226c:: with SMTP id o99mr45441683ota.42.1563718776141; Sun, 21 Jul 2019 07:19:36 -0700 (PDT)
MIME-Version: 1.0
References: <CDF90625-34F6-40C3-8AE4-AACD50D70C2E@cisco.com>
In-Reply-To: <CDF90625-34F6-40C3-8AE4-AACD50D70C2E@cisco.com>
From: Richard Barnes <rlb@ipv.sx>
Date: Sun, 21 Jul 2019 10:19:16 -0400
Message-ID: <CAL02cgRdHsugzxHC89WZn=5HoJZMsGhG7dxgifz15qM4d_zSAw@mail.gmail.com>
To: "David Carrel (carrel)" <carrel@cisco.com>
Cc: "secdispatch@ietf.org" <secdispatch@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000002e4c35058e31a6f1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/wGNkHm4hbF5vs1gp9v-i5Np_cGo>
Subject: Re: [Secdispatch] Controller-IKE
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 21 Jul 2019 14:19:39 -0000
Hi Dave, Thanks for sharing this work. This seems like an interesting problem to compare with IKE/TLS and MLS -- where IKE and TLS are about configuring a 1-1 security context and MLS is about establishing a single security context across N participants, the goal here seems to be to maintain a full matrix of N^2 security contexts with sub-linear messaging to update a row/column. Given that different shape, it seems like the association with IKE is pretty tenuous. It might be clearer to consider this an alternative to IKE for this mesh case, in the sense of being an external key exchange protocol that results in the production of IPsec SAs. It would be helpful to have a clearer idea of the security objectives here, especially around things like forward security and post-compromise security. The obvious objective of providing equivalent assurances to a collection of N^2 individually negotiated SAs seems unlikely to be feasible here. In particular, the protocol in the current document doesn't provide it, since multiple SAs are "fate shared" due to key reuse -- if an attacker compromises one peer's DH key, then a whole "row" of SAs are compromised. --Richard On Fri, Jul 19, 2019 at 10:20 PM David Carrel (carrel) <carrel@cisco.com> wrote: > Folks, > > > > I would like to present Controller-IKE in the Montreal Security Dispatch > meeting. There is growing interest from routing folks, and I strongly feel > we should evaluate and progress this in the security area. I’ll have some > slides to share shortly. For now, please do read the draft. Also there > are some drafts referencing this: > > > > Controller-IKE: > https://tools.ietf.org/html/draft-carrel-ipsecme-controller-ike-01 > > > > Also some docs referencing this form of key management: > > BESS, Secure EVPN: > https://tools.ietf.org/html/draft-sajassi-bess-secure-evpn-02 > > And: https://tools.ietf.org/html/draft-dunbar-bess-bgp-sdwan-usage-01 > > > > Comments appreciated. > > > > Dave > > > _______________________________________________ > Secdispatch mailing list > Secdispatch@ietf.org > https://www.ietf.org/mailman/listinfo/secdispatch >
- [Secdispatch] Controller-IKE David Carrel (carrel)
- Re: [Secdispatch] Controller-IKE Richard Barnes
- Re: [Secdispatch] Controller-IKE Kathleen Moriarty
- Re: [Secdispatch] Controller-IKE Eric Rescorla
- Re: [Secdispatch] Controller-IKE David Carrel (carrel)
- Re: [Secdispatch] Controller-IKE David Carrel (carrel)
- Re: [Secdispatch] Controller-IKE Eric Rescorla
- Re: [Secdispatch] Controller-IKE David Carrel (carrel)
- Re: [Secdispatch] Controller-IKE Eric Rescorla
- Re: [Secdispatch] Controller-IKE Eric Rescorla
- Re: [Secdispatch] Controller-IKE Benjamin Kaduk
- Re: [Secdispatch] Controller-IKE Hannes Tschofenig
- Re: [Secdispatch] Controller-IKE Tero Kivinen
- Re: [Secdispatch] Controller-IKE Michael Richardson
- Re: [Secdispatch] Controller-IKE Yoav Nir