Re: [tcpm] tcp-auth-opt issue: support for NATs

Joe Touch <touch@ISI.EDU> Wed, 13 August 2008 20:04 UTC

Return-Path: <>
Received: from [] (localhost []) by (Postfix) with ESMTP id AA0243A6B7F; Wed, 13 Aug 2008 13:04:39 -0700 (PDT)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 4871A3A6D01 for <>; Wed, 13 Aug 2008 13:04:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id HFNlX3UOTtpr for <>; Wed, 13 Aug 2008 13:04:32 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id D04253A6928 for <>; Wed, 13 Aug 2008 13:04:32 -0700 (PDT)
Received: from [] ( []) by (8.13.8/8.13.8) with ESMTP id m7DK3qtC019892 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Wed, 13 Aug 2008 13:03:55 -0700 (PDT)
Message-ID: <>
Date: Wed, 13 Aug 2008 13:03:09 -0700
From: Joe Touch <touch@ISI.EDU>
User-Agent: Thunderbird (Windows/20080708)
MIME-Version: 1.0
To: Ted Faber <faber@ISI.EDU>
References: <> <> <03d901c8fbe9$05673220$> <>
In-Reply-To: <>
X-Enigmail-Version: 0.95.6
X-ISI-4-43-8-MailScanner: Found to be clean
Cc: 'Adam Langley' <>,, Dan Wing <>
Subject: Re: [tcpm] tcp-auth-opt issue: support for NATs
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"

Hash: SHA1

Hi, all,

<indiv hat on>

I think the discussion on the issue of keyID uniqueness and the size of
the keyID space indicates a deeper issue about keyIDs, as well as the
TCP-AO option.

The keyID is currently only an *intra-connection* identifier. It's sole
purpose is to avoid testing multiple concurrent keys and configurations
on a single connection, as would occur during rekeying. The primary
security association identifier for a connection is the socket pair
(addr/port pair).

The TCP-AO option provides authentication; it does not provide automated
~ key or parameter negotiation. IMO, that is better left to an automated

- ---

There are certainly a number of issues that all appear to require more
than simple, static keying in TCP-AO can handle:
	- dynamic endpoint address assignment
	- NATs
	- passive open with floating source IP address

IMO, these can - and should - be handled more easily by an automated
KMS. This would leave TCP-AO much simpler and easier to validate. The
alternatives are problematic:
	- create and manage our own unique connection ID space
	- test all concurrently overlapping keys/configurations
	until each connection is resolved

I thus feel that it's OK to say that the simplest static key
configuration of TCP-AO solves some problems and not others. The
problems we can solve (or have already solved) are:

	- unique per-connection keys (based on ISNs)
	- replay prevention using automated key rollover
	- passive open with floating source port only

Solving NATs, dynamic IP address assignments, and full passive opens for
statically configured keys will, AFAICT, require relaxing authentication
to the point where we will end up developing an in-band KMS in the SYN
packet, which I feel is complexity we can avoid.

Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla -

tcpm mailing list