Re: [tcpm] TCP-AO: Text for New_Key Process
Alfred Hönes <ah@tr-sys.de> Thu, 15 January 2009 12:05 UTC
Return-Path: <tcpm-bounces@ietf.org>
X-Original-To: tcpm-archive@megatron.ietf.org
Delivered-To: ietfarch-tcpm-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1C66F28C187; Thu, 15 Jan 2009 04:05:43 -0800 (PST)
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D674B28C170 for <tcpm@core3.amsl.com>; Thu, 15 Jan 2009 04:05:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.626
X-Spam-Level: *
X-Spam-Status: No, score=1.626 tagged_above=-999 required=5 tests=[AWL=0.375, BAYES_00=-2.599, CHARSET_FARAWAY_HEADER=3.2, HELO_EQ_DE=0.35, MIME_8BIT_HEADER=0.3]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HCcN-mKkxDBu for <tcpm@core3.amsl.com>; Thu, 15 Jan 2009 04:05:41 -0800 (PST)
Received: from WOTAN.TR-Sys.de (gateway.tr-sys.de [213.178.172.147]) by core3.amsl.com (Postfix) with ESMTP id C32A828C15D for <tcpm@ietf.org>; Thu, 15 Jan 2009 04:05:39 -0800 (PST)
Received: from ZEUS.TR-Sys.de by w. with ESMTP ($Revision: 1.37.109.26 $/16.3) id AA257491024; Thu, 15 Jan 2009 13:03:44 +0100
Received: (from ah@localhost) by z.TR-Sys.de (8.9.3 (PHNE_25183)/8.7.3) id NAA20429 for tcpm@ietf.org; Thu, 15 Jan 2009 13:03:43 +0100 (MEZ)
From: Alfred Hönes <ah@tr-sys.de>
Message-Id: <200901151203.NAA20429@TR-Sys.de>
To: tcpm@ietf.org
Date: Thu, 15 Jan 2009 13:03:43 +0100
X-Mailer: ELM [$Revision: 1.17.214.3 $]
Mime-Version: 1.0
Subject: Re: [tcpm] TCP-AO: Text for New_Key Process
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://www.ietf.org/mailman/private/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="hp-roman8"
Content-Transfer-Encoding: base64
Sender: tcpm-bounces@ietf.org
Errors-To: tcpm-bounces@ietf.org
Gregory, Joe, all, I didn't see the original message regarding the New_Key process for TCP-AO. Hasn't it been copied to the tcpm list? The text proposal at a high level seems to reflect the current wisdom and state of the art of how 'rekeying' (sorry for the simplifying term commonly used) should be performed in a reasonable "make-before-break" manner. Further, I appreciate your intent to get a new version out *before* the 'rush weeks' before IETF draft cutoff, where drafts always are in danger of not getting the attention and time they might deserve. (Unfortunately, this happened with the previous versions of TCP-AO.) I do not pretend to either be a "TCP guru" nor having "much experience" with RFC 2385, but my working knowledge with TCP makes me raising my voice regarding the DISCUSS items w.r.t. TCP use in your proposal. (A) Section X.2.3, {New_Key state} TSAD-OVERLAP Firstly, the proposed timer value of 512 sec amounts to ~8.5 minutes, "~9 minutes" is a bit too coarse. :-) However, from my point of view, two considerations apply: a) After an active close of a TCP connection, if the ACK for the FIN arrives, the TCP peer transitions its TCP to the TIME-WAIT state which regularly persists for 2*MSL (twice the maximum segment lifetime in the Internet) which the IETF has defined as 4 minutes. Since this scenario resembles the above -- it also aims at draining all TCP segments still 'on the road' at the activation of the new TSAD, it would IMHO make sense to adopt the same timeout value, 4 minutes. b) Since the TCP-AO processing rules take care of silently dropping packets not matching an active TSAD entry (for connections that have at least one TSAD entry, of course), it would be easy to expedite the aging of the old TSAD-X: The TCP peer entering TSAD-OVERLAP is aware of the current sequence and acknowledgment numbers at this instant. The remote peer is obliged to send all subsequent segments under the protection of TSAD-Y as well. Therefore, as soon as the connection makes progress, i.e.: - all outbound segments with sequence numbers less than the local 'switchover point' to TSAD-X have been transmitted (drained from the local retransmission queue) and acknowledged by the remote peer AND - all inbound segments with sequence numbers less than the peer's switchover point have been received and cumulatively acknowledged, it is save to cancel the TSAD-OVERLAP timer, deactivate TSAD-X, and transition to SINGLE-TSAD state. Unnecessary retransmissions and packets duplicated in the network that are protected by TSAD-X aandstill around at this moment will simply be silently discarded at arrival. This way, resources (including stale keying material) could be cleaned up more quickly. This might be of particular importance if crypto accelerating hardware with restricted resources is used. (B) Section X.3, Probe Mechanism It seems dangerous to introduce new, 'unusual' packets for this signaling mechanism; intermediate systems and firewalls might not let them through, and the proposal seems to need a detailed security analysis. At first glance, it also seems to violate rules being recommended for more closer packet inspection in order to counter various kinds of attack vectors against TCP. TCP has a 'keep alive' mechanism based on ACK exchanges, and virtually all TCP implementations support this mechanism. It would therefore make very much sense to re-use that mechanism for the Probes: no 'strange looking' segments, known security considerations for the segments, better re-use of existing code! Therefore, regarding Question 1, I essentially suggest: 1024 --> 0 ! Regarding Question 2: I assume the Probe TCP segments will come with a TCP header and an IP header as well. :-) Therefore, the question is moot! (Every TCP regularly sends myriads of data-less ACKs w/o padding, and (data) padding never happens at the TCP layer.) Kind regards, Alfred Hönes. -- +------------------------+--------------------------------------------+ | TR-Sys Alfred Hoenes | Alfred Hoenes Dipl.-Math., Dipl.-Phys. | | Gerlinger Strasse 12 | Phone: (+49)7156/9635-0, Fax: -18 | | D-71254 Ditzingen | E-Mail: ah@TR-Sys.de | +------------------------+--------------------------------------------+ _______________________________________________ tcpm mailing list tcpm@ietf.org https://www.ietf.org/mailman/listinfo/tcpm
- Re: [tcpm] TCP-AO: Text for New_Key Process Gregory M. Lebovitz
- Re: [tcpm] TCP-AO: Text for New_Key Process Alfred Hönes
- Re: [tcpm] TCP-AO: Text for New_Key Process Joe Touch
- Re: [tcpm] TCP-AO: Text for New_Key Process Lars Eggert
- Re: [tcpm] TCP-AO: Text for New_Key Process Eric Rescorla
- Re: [tcpm] TCP-AO: Text for New_Key Process Joe Touch
- Re: [tcpm] TCP-AO: Text for New_Key Process Eric Rescorla
- Re: [tcpm] TCP-AO: Text for New_Key Process Joe Touch
- Re: [tcpm] TCP-AO: Text for New_Key Process Joe Touch
- Re: [tcpm] TCP-AO: Text for New_Key Process Eric Rescorla
- Re: [tcpm] TCP-AO: Text for New_Key Process Joe Touch
- Re: [tcpm] TCP-AO: Text for New_Key Process Eric Rescorla
- Re: [tcpm] TCP-AO: Text for New_Key Process Joe Touch
- Re: [tcpm] TCP-AO: Text for New_Key Process Brian Weis
- Re: [tcpm] TCP-AO: Text for New_Key Process Joe Touch
- Re: [tcpm] TCP-AO: Text for New_Key Process Brian Weis
- Re: [tcpm] TCP-AO: Text for New_Key Process Eric Rescorla
- Re: [tcpm] TCP-AO: Text for New_Key Process Eddy, Wesley M. (GRC-RCN0)[VZ]
- Re: [tcpm] TCP-AO: Text for New_Key Process Joe Touch
- Re: [tcpm] TCP-AO: Text for New_Key Process Caitlin Bestler
- Re: [tcpm] TCP-AO: Text for New_Key Process Eric Rescorla
- Re: [tcpm] TCP-AO: Text for New_Key Process Eric Rescorla
- Re: [tcpm] TCP-AO: Text for New_Key Process touch
- Re: [tcpm] TCP-AO: Text for New_Key Process Ron Bonica
- Re: [tcpm] TCP-AO: Text for New_Key Process Eric Rescorla
- Re: [tcpm] TCP-AO: Text for New_Key Process Eric Rescorla
- Re: [tcpm] TCP-AO: Text for New_Key Process Joe Touch
- Re: [tcpm] TCP-AO: Text for New_Key Process Joe Touch
- Re: [tcpm] TCP-AO: Text for New_Key Process Eric Rescorla
- Re: [tcpm] TCP-AO: Text for New_Key Process Eric Rescorla
- Re: [tcpm] TCP-AO: Text for New_Key Process Joe Touch
- Re: [tcpm] TCP-AO: Text for New_Key Process Eric Rescorla
- Re: [tcpm] TCP-AO: Text for New_Key Process Joe Touch
- Re: [tcpm] TCP-AO: Text for New_Key Process Eric Rescorla