Re: [tcpm] question about TCP-AO and rekeying

[Joe Touch <touch@ISI.EDU>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Eric Rescorla wrote:
...
>> It's a bit overgeneralized above, but clamp it down a bit more and it
>> might still make sense, e.g.:
>>
>> 	alpha		from ME:ANY to JOE:BGP KEYID=6
>> 	beta		from ME:ANY to JOE:ANY KEYID=7
>>
>> I.e., I may want to lock BGP with a different key than other connections
>> between the two, but OK to use a single key for the rest.
> 
> Why would you want to do this?
> 
> The configuration you propose would still leave you vulnerable to
> packet injection by someone who knew key alpha.
> 
> Going up a level, I'm skeptical of this entire line of argument.
> The existing rationale for this technology (BGP DoS prevention)
> doesn't really justify engineering for extensively complicated
> key use policies.

The policy above would be used to utilize a stronger key/algorithm for
BGP, and a weaker one for other exchanges - such as would be used to
protect the transport of other protocols used in tandem with BGP, e.g.,
SNMP or DNS (each over TCP).

I agree that non-overlap is necessary to avoid injection. The trouble is
that there are different ways to avoid non-overlap which we are
currently leaving as "implementation dependent". If we leave them open,
I am concerned that KMPs will not be able to ensure that two endpoints
will pick corresponding MKTs for a given segment.

If we all want to leave that open, that's fine. IMO probably means KMP
is DOA, but that may be where this is all headed anyway.

Joe
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAko6Sl0ACgkQE5f5cImnZruu2gCglB4p8e0DvWh5IiZPws48drPW
8KoAnjupcaSxBBQ5g5EgwJJMS1EV5f3P
=Hhb6
-----END PGP SIGNATURE-----