Re: [tcpm] Comments on TCP-AO Draft

"Gregory M. Lebovitz" <> Tue, 18 November 2008 01:28 UTC

Return-Path: <>
Received: from [] (localhost []) by (Postfix) with ESMTP id 82C0E3A6922; Mon, 17 Nov 2008 17:28:15 -0800 (PST)
Received: from localhost (localhost []) by (Postfix) with ESMTP id CF9B53A69AF for <>; Mon, 17 Nov 2008 17:28:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, J_CHICKENPOX_42=0.6]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id UboJIvtT3jXS for <>; Mon, 17 Nov 2008 17:28:13 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id EACB03A6922 for <>; Mon, 17 Nov 2008 17:28:12 -0800 (PST)
Received: by with SMTP id b25so2663860rvf.49 for <>; Mon, 17 Nov 2008 17:28:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=gamma; h=domainkey-signature:received:received:x-mailer:date:to:from:subject :in-reply-to:references:mime-version:content-type:message-id; bh=664eyGx3jHRLcHVgNAkN0cPk/KtL6zNJRBIZZpEJ7FY=; b=hyh/dRhbDcYAgSy7exzdJXL3NLCCszn+X029rLlKUNaBvwHy+Pm7EDlpkeOohvYvt7 qWk6WBLVN8mjYBEZbrdBp9U8rHK0zQ3gTYB0qOovRD6ER1ui+T81xJFe9nlgGGX8DKIl MjdTqNpQW1pT485E5S2gnoKdTEicvq2UVbm/s=
DomainKey-Signature: a=rsa-sha1; c=nofws;; s=gamma; h=x-mailer:date:to:from:subject:in-reply-to:references:mime-version :content-type:message-id; b=pxOaBgL8VOg1DZe35oGrUZoty89egLNOObKi0tupUmSBOoglhhkDaB7hJoTpR64tnZ gdamU3wxg05FmuaPB/8QG/emcnJjk7TtJMlXagBPqTdVC1e6o+KKz2YVd0G5UuDGx4Ug J2/88YCIvRM7FbnaS+E9IqTPSBTf9y0z0plvU=
Received: by with SMTP id z21mr2602301rvp.75.1226971692308; Mon, 17 Nov 2008 17:28:12 -0800 (PST)
Received: from ([]) by with ESMTPS id b39sm7540577rvf.0.2008. (version=SSLv3 cipher=RC4-MD5); Mon, 17 Nov 2008 17:28:11 -0800 (PST)
X-Mailer: QUALCOMM Windows Eudora Version
Date: Mon, 17 Nov 2008 17:28:04 -0800
To: "Eddy, Wesley M. (GRC-RCN0)[VZ]" <>, LANGE Andrew <>,
From: "Gregory M. Lebovitz" <>
In-Reply-To: <B5A5E01F9387F4409E67604C0257C71E7A3296@NDJSEVS25A.ndc.nasa .gov>
References: <> <>
Mime-Version: 1.0
Message-ID: <>
Subject: Re: [tcpm] Comments on TCP-AO Draft
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"


At 12:06 PM 11/17/2008, Eddy, Wesley M. (GRC-RCN0)[VZ] wrote:
> >-----Original Message-----
> >From: [] On
> >Behalf Of LANGE Andrew
> >Sent: Monday, November 17, 2008 1:51 PM
> >To:
> >Subject: [tcpm] Comments on TCP-AO Draft
> >
> >
>There are a lot of good comments here that will strengthen
>the document.  One of them that concerns the wire-format rather
>than text additions, clarifications, and changes that are
>needed, which we should address quickly is:
> >1.4.1: " IETF-72 topic" sections "No current consensus was
> >reached on this topic, so no change was made."  This is a real
> >problem -- the logic is deeply flawed.  Allow me to restate:
> >One author of this document has appointed themselves the
> >arbiter of consensus.  This author disagrees with other
> >people, and therefore no "consensus" can ever be reached, so
> >the default case this author has chosen is to keep things they
> >way they like it.
> >
> > ...
> >
> >"..omit an explicit algorithm ID..." -- I've said this before,
> >this is a BAD IDEA^tm. The protocol utility of doing this is
> >minimal (1-bit increase in search space), and the operational
> >complexity goes up.  Not to mention, it makes it operationally
> >incompatible with existing implementations.
>There was logic given to support each side of the argument.  My
>understanding of the summary for each position is:
>(position 1 - "include") Including information like algorithm ID
>and k-bit is BAD because it aids in debugging of implementations
>and of configurations.

Wes, did you mean to say "GOOD" instead of "BAD" in this paragraph? 
I'll assume yes.

>(position 2 - "don't include") Including this information is BAD
>because it can expose information about the security parameters.
>It doesn't aid in debugging of configuration because operators still
>have to call each other in order to read off and verify keys.
>There seemed to be more people around position 2 than position 1,
>but we should flag this and ask during the meeting, as well as
>open this up on the mailing list to see what people prefer.  We
>need to pick one and move on.

I concur with your recollection about the two positions above. I also 
concur with your recollection that there was more people (not 100% 
consensus, but more) around Position 2 than 1. The argument I made 
went something like this, and was based on lots of years of debugging 
interop issues in both IKEv1/ESP and IKEv2/ESP:
  - there is only the case where the connection will be discussed out 
of band by system admins before a first connection is made. At that 
point, there will be some agreement about config choices.
  - if the connection doesn't work, you double check your config 
matches your agreement of config choices.
  - if the config matches the agreement, then you can try the other 
algo, just in case you misheard that part.
  - if it doesn't work, then you have to pick up the phone and call 
the other guy to double check config parameters.
  Conclusion: having the bits on the wire about the config elements 
doesn't help practically, and contradicts the basic security 
principle of hiding as much about the SA as possible.

So I am also support Position 2.


>As an individual, and not a co-chair, I'm in the position 2 "don't
>include" camp.
>tcpm mailing list

tcpm mailing list