Re: [Softwires] WG last call on the security document
Florent Parent <Florent.Parent@beon.ca> Tue, 04 December 2007 06:27 UTC
Return-path: <softwires-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IzRFT-0002zb-5q; Tue, 04 Dec 2007 01:27:15 -0500
Received: from softwires by megatron.ietf.org with local (Exim 4.43) id 1IzRFR-0002sw-0B for softwires-confirm+ok@megatron.ietf.org; Tue, 04 Dec 2007 01:27:13 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IzRFQ-0002sR-Fu for softwires@ietf.org; Tue, 04 Dec 2007 01:27:12 -0500
Received: from ns.beon.ca ([2001:5c0:8001::53] helo=smtp.beon.ca) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1IzRFO-00089B-Mf for softwires@ietf.org; Tue, 04 Dec 2007 01:27:12 -0500
Received: from dhcp-4754.ietf70.org (dhcp-4754.ietf70.org [130.129.71.84]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (Client did not present a certificate) by smtp.beon.ca (Postfix) with ESMTP id 93A8BAD71E; Tue, 4 Dec 2007 01:27:09 -0500 (EST)
Message-Id: <6E9098A8-B8AB-4EC4-A8E3-0BAC7BCB7CB0@beon.ca>
From: Florent Parent <Florent.Parent@beon.ca>
To: Tero Kivinen <kivinen@kivinen.iki.fi>
In-Reply-To: <18260.18811.69209.831957@fireball.kivinen.iki.fi>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"; delsp="yes"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Apple Message framework v915)
Subject: Re: [Softwires] WG last call on the security document
Date: Mon, 03 Dec 2007 22:27:06 -0800
References: <C379780F.608C%alain_durand@cable.comcast.com> <18260.18811.69209.831957@fireball.kivinen.iki.fi>
X-Mailer: Apple Mail (2.915)
X-Spam-Score: 1.6 (+)
X-Scan-Signature: a1852b4f554b02e7e4548cc7928acc1f
Cc: softwires@ietf.org
X-BeenThere: softwires@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: softwires wg discussion list <softwires.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/softwires>, <mailto:softwires-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/softwires>
List-Post: <mailto:softwires@ietf.org>
List-Help: <mailto:softwires-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/softwires>, <mailto:softwires-request@ietf.org?subject=subscribe>
Errors-To: softwires-bounces@ietf.org
Hi Tero,
Comments inline.
Le 07-12-03 à 10:22, Tero Kivinen a écrit :
>
> Here is my comments:
>
> 1) There needs to be paragraph somewhere explaining the problem with
> NAT-T combined transport mode and UDP checksums. The problem is
> that the UDP header of the L2TPv2 is inside the ESP packets, which
> means that NATs themselves cannot fix the UDP checksum when they do
> the address translation on the outer header. The RFC3948 (NAT-T)
> provides 3 options for Transport mode decapsulation: "Incremental
> update of checksum", "Recompute checksum" and "Do not check".
>
> The first option "incremental update of checksum" CANNOT be used
> with IKEv2, because the IKEv2 does not have the information
> required for it (I.e. IKEv2 does not have NAT-OA payloads, and the
> text saying that use information from traffic selectors of the
> IKEv2 does not work).
OK. I was not aware of that issue.
>
>
> So there is only options to recompute checksum (might be
> expensive), or make the implementation so it will not check the UDP
> checksum of the L2TPv2 packet. This should not matter, as we do
> have ESP outside providing much better validation of the received
> packet and there is also another checksum inside the packet inside
> the L2TPv2+PPP packet.
In the scenario where IPv4 over IPv6 is used (3.5.4.2), L2TP/UDP is
transported over IPv6, so UDP checksum must be enabled:
BEFORE APPLYING ESP/UDP
--------------------------------------------
IPv6 |orig IPv6 hdr | | | | |
|(any options) | UDP | L2TP | PPP | IPv4 |
--------------------------------------------
AFTER APPLYING ESP/UDP
-----------------------------------------------------------------------
IPv6 |orig IPv6 hdr | UDP | ESP | | | | | ESP
| ESP|
|(any options) | Hdr | Hdr | UDP | L2TP | PPP | IPv4 |
Trailer |Auth|
-----------------------------------------------------------------------
|<------------ encrypted -----------
>|
|<-------------- authenticated -----------
>|
So from the available alternatives, looks like we need to pick
"recompute checksum".
>
>
> The reason I think this issue should be brough up is that you
> cannot use that "incremental update" method specified in the
> RFC3948 with IKEv2, and if people try to do it they will end up
> implementation problems.
>
OK
>
> 2) I think the Section 3.5.4.1 and 3.5.4.2 should most likely use
> exactly same terminology as RFC 4301 for the selectors, i.e. use
> "Next Layer Protocol" instead "Proto".
Will fix.
>
>
> 3) The section 4.4.2 Security Protection Mechanism for Data Plane
> says:
>
> ... In this scenario, public-key digital signature
> or key encryption authentication in IKE should be used, assuming
> that
> the peers have the necessary computation available.
>
> If the peer has enough computation available to do Diffie-Hellman,
> there should be no problems to do public key signature operations
> too. So I think the ", assuming that the peers have the necessary
> computation available." should be removed. Also perhaps the
> "should" there should be "SHOULD".
OK
>
>
>
> Here is also some nits:
> ----------------------------------------------------------------------
> 1. Introduction
> ...
> composed of differing address families. This document provides the
> security Guidelines for such two Softwire solution spaces such as
> "Hubs and Spokes" and "Mesh" scenarios "Hubs and Spokes" and "Mesh"
> problems described in [RFC4925] Section 2 and Section 3,
> respectively. The protocols selected for Softwire connectivity
> ----------------------------------------------------------------------
>
> I think there is period missing between the ... "Hubs and Spokes" and
> "Mesh" scenarios "Hubs and Spokes" and "Mesh" problems ...
Yes
>
>
> In section 3.5.4. there i s [RFC4306] twice:
> ----------------------------------------------------------------------
> 3.5.4. IPsec filtering details
> ...
> ... The Internet Key Exchange (IKE) has also
> been revised and simplified in IKEv2 [RFC4306], [RFC4306]. ...
Yes. I also noted some ID-nits from the tools web site which I will
fix in -05.
Many thanks for your review.
Florent
_______________________________________________
Softwires mailing list
Softwires@ietf.org
https://www1.ietf.org/mailman/listinfo/softwires
- [Softwires] WG last call on the security document Alain Durand
- [Softwires] WG last call on the security document Tero Kivinen
- Re: [Softwires] WG last call on the security docu… Florent Parent
- Re: [Softwires] WG last call on the security docu… Tero Kivinen
- Re: [Softwires] WG last call on the security docu… Tero Kivinen
- Re: [Softwires] WG last call on the security docu… Florent Parent
- Re: [Softwires] WG last call on the security docu… Florent Parent