IETF Logo Mail Archive

Re: [tcpm] TCP-AO: Text for New_Key Process

Alfred Hönes <ah@tr-sys.de> Thu, 15 January 2009 12:05 UTC

Return-Path: <tcpm-bounces@ietf.org>
X-Original-To: tcpm-archive@megatron.ietf.org
Delivered-To: ietfarch-tcpm-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1C66F28C187; Thu, 15 Jan 2009 04:05:43 -0800 (PST)
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D674B28C170 for <tcpm@core3.amsl.com>; Thu, 15 Jan 2009 04:05:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.626
X-Spam-Level: *
X-Spam-Status: No, score=1.626 tagged_above=-999 required=5 tests=[AWL=0.375, BAYES_00=-2.599, CHARSET_FARAWAY_HEADER=3.2, HELO_EQ_DE=0.35, MIME_8BIT_HEADER=0.3]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HCcN-mKkxDBu for <tcpm@core3.amsl.com>; Thu, 15 Jan 2009 04:05:41 -0800 (PST)
Received: from WOTAN.TR-Sys.de (gateway.tr-sys.de [213.178.172.147]) by core3.amsl.com (Postfix) with ESMTP id C32A828C15D for <tcpm@ietf.org>; Thu, 15 Jan 2009 04:05:39 -0800 (PST)
Received: from ZEUS.TR-Sys.de by w. with ESMTP ($Revision: 1.37.109.26 $/16.3) id AA257491024; Thu, 15 Jan 2009 13:03:44 +0100
Received: (from ah@localhost) by z.TR-Sys.de (8.9.3 (PHNE_25183)/8.7.3) id NAA20429 for tcpm@ietf.org; Thu, 15 Jan 2009 13:03:43 +0100 (MEZ)
From: Alfred Hönes <ah@tr-sys.de>
Message-Id: <200901151203.NAA20429@TR-Sys.de>
To: tcpm@ietf.org
Date: Thu, 15 Jan 2009 13:03:43 +0100
X-Mailer: ELM [$Revision: 1.17.214.3 $]
Mime-Version: 1.0
Subject: Re: [tcpm] TCP-AO: Text for New_Key Process
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://www.ietf.org/mailman/private/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="hp-roman8"
Content-Transfer-Encoding: base64
Sender: tcpm-bounces@ietf.org
Errors-To: tcpm-bounces@ietf.org

Gregory, Joe, all,

I didn't see the original message regarding the New_Key process
for TCP-AO.  Hasn't it been copied to the tcpm list?

The text proposal at a high level seems to reflect the current
wisdom and state of the art of how 'rekeying' (sorry for the
simplifying term commonly used) should be performed in a reasonable
"make-before-break" manner.

Further, I appreciate your intent to get a new version out *before*
the 'rush weeks' before IETF draft cutoff, where drafts always are
in danger of not getting the attention and time they might deserve.
(Unfortunately, this happened with the previous versions of TCP-AO.)

I do not pretend to either be a "TCP guru" nor having "much experience"
with RFC 2385, but my working knowledge with TCP makes me raising my
voice regarding the DISCUSS items w.r.t. TCP use in your proposal.


(A)  Section X.2.3, {New_Key state} TSAD-OVERLAP

Firstly, the proposed timer value of 512 sec amounts to ~8.5 minutes,
"~9 minutes" is a bit too coarse.    :-)

However, from my point of view, two considerations apply:

a)  After an active close of a TCP connection, if the ACK
    for the FIN arrives, the TCP peer transitions its TCP
    to the TIME-WAIT state which regularly persists for 2*MSL
    (twice the maximum segment lifetime in the Internet)
    which the IETF has defined as  4 minutes.

    Since this scenario resembles the above -- it also aims
    at draining all TCP segments still 'on the road' at the
    activation of the new TSAD, it would IMHO make sense to
    adopt the same timeout value, 4 minutes.

b)  Since the TCP-AO processing rules take care of silently
    dropping packets not matching an active TSAD entry (for
    connections that have at least one TSAD entry, of course),
    it would be easy to expedite the aging of the old TSAD-X:
    The TCP peer entering TSAD-OVERLAP is aware of the current
    sequence and acknowledgment numbers at this instant.

    The remote peer is obliged to send all subsequent segments
    under the protection of TSAD-Y as well.  Therefore, as soon
    as the connection makes progress, i.e.:
    -  all outbound segments with sequence numbers
       less than the local 'switchover point' to TSAD-X have been
       transmitted (drained from the local retransmission queue)
       and acknowledged by the remote peer  AND
    -  all inbound segments with sequence numbers less than the
       peer's switchover point have been received and cumulatively
       acknowledged,
    it is save to cancel the TSAD-OVERLAP timer, deactivate TSAD-X,
    and transition to SINGLE-TSAD state.
    Unnecessary retransmissions and packets duplicated in the
    network that are protected by TSAD-X aandstill around at this
    moment will simply be silently discarded at arrival.

    This way, resources (including stale keying material) could be
    cleaned up more quickly.  This might be of particular importance
    if crypto accelerating hardware with restricted resources is used.


(B)  Section X.3, Probe Mechanism

It seems dangerous to introduce new, 'unusual' packets for this
signaling mechanism; intermediate systems and firewalls might
not let them through, and the proposal seems to need a detailed
security analysis.  At first glance, it also seems to violate
rules being recommended for more closer packet inspection in
order to counter various kinds of attack vectors against TCP.

TCP has a 'keep alive' mechanism based on ACK exchanges, and
virtually all TCP implementations support this mechanism.

It would therefore make very much sense to re-use that mechanism
for the Probes: no 'strange looking' segments, known security
considerations for the segments, better re-use of existing code!

Therefore, regarding Question 1, I essentially suggest:  1024 --> 0  !

Regarding Question 2:  I assume the Probe TCP segments will come
with a TCP header and an IP header as well.  :-)
Therefore, the question is moot!
(Every TCP regularly sends myriads of data-less ACKs w/o padding,
and (data) padding never happens at the TCP layer.)


Kind regards,
  Alfred Hönes.

-- 

+------------------------+--------------------------------------------+
| TR-Sys Alfred Hoenes   |  Alfred Hoenes   Dipl.-Math., Dipl.-Phys.  |
| Gerlinger Strasse 12   |  Phone: (+49)7156/9635-0, Fax: -18         |
| D-71254  Ditzingen     |  E-Mail:  ah@TR-Sys.de                     |
+------------------------+--------------------------------------------+

_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www.ietf.org/mailman/listinfo/tcpm

v2.23.0 | Report a Bug | By Email