IETF Logo Mail Archive

Re: [tcpm] TCP-AO: Text for New_Key Process

Caitlin Bestler <cait@asomi.com> Mon, 02 February 2009 05:19 UTC

Return-Path: <tcpm-bounces@ietf.org>
X-Original-To: tcpm-archive@megatron.ietf.org
Delivered-To: ietfarch-tcpm-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 30D783A69F2; Sun, 1 Feb 2009 21:19:20 -0800 (PST)
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E9B1F3A69F2 for <tcpm@core3.amsl.com>; Sun, 1 Feb 2009 21:19:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.265
X-Spam-Level:
X-Spam-Status: No, score=-2.265 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SNRt1K+9EDmn for <tcpm@core3.amsl.com>; Sun, 1 Feb 2009 21:19:18 -0800 (PST)
Received: from mail5.sea5.speakeasy.net (mail5.sea5.speakeasy.net [69.17.117.7]) by core3.amsl.com (Postfix) with ESMTP id 328BD3A6966 for <tcpm@ietf.org>; Sun, 1 Feb 2009 21:19:18 -0800 (PST)
Received: (qmail 28298 invoked from network); 2 Feb 2009 05:15:48 -0000
Received: from imac.asomi.com (cait@asomi.com@[66.92.48.27]) (envelope-sender <cait@asomi.com>) by mail5.sea5.speakeasy.net (qmail-ldap-1.03) with SMTP for <gregory.ietf@gmail.com>; 2 Feb 2009 05:15:47 -0000
Message-ID: <49868182.9060409@asomi.com>
Date: Sun, 01 Feb 2009 21:15:46 -0800
From: Caitlin Bestler <cait@asomi.com>
User-Agent: Thunderbird 2.0.0.19 (Macintosh/20081209)
MIME-Version: 1.0
To: "Gregory M. Lebovitz" <gregory.ietf@gmail.com>
References: <7.1.0.9.2.20081219010400.02bfd3d8@gmail.com> <496d9941.18038e0a.5558.ffffd3a6@mx.google.com>
In-Reply-To: <496d9941.18038e0a.5558.ffffd3a6@mx.google.com>
Cc: Allison Mankin <mankin@psg.com>, skonduru@juniper.net, tcpm@ietf.org, Joe Touch <touch@ISI.EDU>
Subject: Re: [tcpm] TCP-AO: Text for New_Key Process
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://www.ietf.org/mailman/private/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Sender: tcpm-bounces@ietf.org
Errors-To: tcpm-bounces@ietf.org

Gregory M. Lebovitz wrote:
> Folks,
> resend...
> 
> Neither I nor Joe have received ANY feedback on this New_Key process. 
> Can people pls do a quick review and reply to me, Joe, and list with 
> comments? Joe is trying to get a next version out.
> 
> Many thanks,
> Gregory.
> 
> At 01:18 AM 12/19/2008, Gregory M. Lebovitz wrote:
>> Hey Joe, and all.
>> Below is pasted my first crack at the text for the New_Key Process. 
>> All input welcome.
>> Gregory
>>
>> ==New_Key Process:
>>
>> [Suggest you place text about new_key at the end of section 6 in -02]
>>
>> One big difference between TCP-AO and TCP MD5 is that TCP-AO allows 
>> for the change of a TSAD entry -- and thus the corresponding change of 
>> a conn_key -- during a connection, without having to drop the 
>> connection. This allows for an HMAC algorithm or TSAD_key change 
>> without a connection loss. This behavior is very beneficial for the 
>> optimal operation of applications with long lived connections, such as 
>> BGP. The process of moving from one key to another is called "New_Key".
>>

 From the beginning I have been uncomfortable with the abuse of an 
"option" being used to reliably transport something that is not truly
an option.

But as Joe pointed out during a prior round, a simple digest is derived
from the payload. So it is not truly separate payload.

But the "new key process" strikes me as going farther than that. It is
trying to shoe-horn in a second data stream onto one TCP connection.
There are already two ways to do this:

+ At the transport layer with a transport protocol designed to support
   multiple streams, specifically SCTP.
+ Above the transport layer, such as is done with SSH tunneling.

Either of those methods work, so I do not see the justification for
doing major havoc to some of the normal working assumptions with TCP.
Deliberately sending frames that have a substantial chance of being
dropped is just plain wrong.

In fact, I am fairly sure that some of the techniques proposed would
be diagnosed by a current Intrustion Detection System as an attack.

To justify that level of a change there should be something wrong with
the Transport protocol itself, not just an application that doesn't
want to change anything.

Let the current TCP-MD5 applications figure out their own solution on
how to do out-of-band signaling. Using a null encryption and SSH 
wrappers strikes me as one very viable solution that could preserve
existing code. But just find a solution *above* the TCP stack, and
avoid "minor" modifications to TCP that require stacks to do things
that previously would have been an attack.





-- 
Caitlin Bestler
cait@asomi.com - http://www.asomi.com/CaitlinBestlerResume.html
_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www.ietf.org/mailman/listinfo/tcpm

v2.23.0 | Report a Bug | By Email