IETF Logo Mail Archive

Re: [tcpm] question about TCP-AO and rekeying

Eric Rescorla <ekr@networkresonance.com> Sat, 20 June 2009 15:34 UTC

Return-Path: <ekr@networkresonance.com>
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9BB403A6C49 for <tcpm@core3.amsl.com>; Sat, 20 Jun 2009 08:34:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.293
X-Spam-Level:
X-Spam-Status: No, score=-0.293 tagged_above=-999 required=5 tests=[AWL=-0.311, BAYES_00=-2.599, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, HELO_MISMATCH_COM=0.553, HOST_MISMATCH_NET=0.311, RDNS_DYNAMIC=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kKU1mJVeqy9Z for <tcpm@core3.amsl.com>; Sat, 20 Jun 2009 08:34:56 -0700 (PDT)
Received: from kilo.networkresonance.com (74-95-2-169-SFBA.hfc.comcastbusiness.net [74.95.2.169]) by core3.amsl.com (Postfix) with ESMTP id 12E9C3A6BA1 for <tcpm@ietf.org>; Sat, 20 Jun 2009 08:34:54 -0700 (PDT)
Received: from kilo.local (localhost [127.0.0.1]) by kilo.networkresonance.com (Postfix) with ESMTP id C20C01C0154; Sat, 20 Jun 2009 08:35:48 -0700 (PDT)
Date: Sat, 20 Jun 2009 08:35:48 -0700
From: Eric Rescorla <ekr@networkresonance.com>
To: Joe Touch <touch@ISI.EDU>
In-Reply-To: <4A3BC59C.9090200@isi.edu>
References: <4A2AB973.3030203@isi.edu> <20090616131807.75C481BC6EB@kilo.networkresonance.com> <4A37A202.9020500@isi.edu> <20090617054551.A4E0C1BCA23@kilo.networkresonance.com> <4A388C37.3030703@isi.edu> <20090617140939.A3AB61BCC72@kilo.networkresonance.com> <4A390EC0.6070003@isi.edu> <20090617161518.5276C50822@romeo.rtfm.com> <4A3917B7.20301@isi.edu> <20090617232813.1C49D50822@romeo.rtfm.com> <4A39C800.2030901@isi.edu> <20090618051622.719361BDC6B@kilo.networkresonance.com> <4A39CE62.9050201@isi.edu> <20090618135721.164F31BDF06@kilo.networkresonance.com> <4A3A4A5D.2060504@isi.edu> <20090619043328.6C06E1BE12E@kilo.networkresonance.com> <4A3B3290.9020906@isi.edu> <20090619132135.0DF111BE198@kilo.networkresonance.com> <4A3BB16A.1000508@isi.edu> <20090619161614.EFC4850822@romeo.rtfm.com> <4A3BBC2E.9040100@isi.edu> <20090619164724.2353850822@romeo.rtfm.com> <4A3BC59C.9090200@isi.edu>
User-Agent: Wanderlust/2.15.5 (Almost Unreal) Emacs/22.3 Mule/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka")
Content-Type: text/plain; charset="US-ASCII"
Message-Id: <20090620153548.C20C01C0154@kilo.networkresonance.com>
Cc: tcpm Extensions WG <tcpm@ietf.org>
Subject: Re: [tcpm] question about TCP-AO and rekeying
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Jun 2009 15:34:57 -0000

At Fri, 19 Jun 2009 10:06:36 -0700,
Joe Touch wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> 
> 
> Eric Rescorla wrote:
> ...
> > OK, I fear we're talking past each other.
> > 
> > My claim is that the system must enforce the following invariant:
> > 
> > * There must be only one MKT defined that matches any given set
> >   of parameters: (s-ip, d-ip, s-port, s-port, key-id).
> > 
> > This includes wildcards and ranges.
> 
> That one is a lot easier, since you're including the key-id. That's
> available only for either established connections (e.g., bound to the
> socket after connection establishment for outgoing, or indicated in the
> segment for incoming).
> 
> For the initial outgoing SYNs from legacy applications, we need the MKT
> match to be unique per:
> 
> 	(s-ip, d-ip, s-port, d-port)
> 
> This is the case that's causing the problem for two cases:

You've said that before, but I don't understand why you think it's a
problem. If there are two valid MKTs for a given packet, each side can
pick whichever one they want independently and everything will work.

The match only needs to be unique in the sense that you can't protect
a single packet with two keys. It does not need to be unique and
deterministic in the sense that each side needs to be unambiguously
determine that the *same* key applies to each packet.


> The TSAD/TAPD had a notion of grouping MKTs together when patterns
> overlapped, so that (b) would allow selection of a 'currently designated
> primary' to be used for outgoing SYNs. Getting rid of that structure -
> which you claimed was an implementation issue - is omitting structure in
> the key groupings that allows (b), and also enables (a).
> 
> If we omit the TSAD/TAPD, how do we express the notion that a given key
> is preferred for outgoing SYNs?

We don't. The implementations do it however they want (and I can think of
a number of plausible implementations) . As long as a valid key is selected,
things will work.

-Ekr

v2.23.0 | Report a Bug | By Email