Re: Bellovin's and Ahar's attacks
Mark,
I'm not sure I agree with your assertion that:
> The destination "owns" the SPI and security association, so it certainly can
> initiate a new key-management exchange to tell the source to start using a new
> SPI and new key.
In most models I have seen, the source contacts the destination through a
key management protocol (either directly or using a support daemon on its
machine) to establish an SPI. Once that is completed, there may be no
way (short of something like the DELETE-SA in-band message that Russ Housley
mentioned, which is used in IEEE 802.10c) for the destination to tell the
source to start using a new SPI and key. Use of a DELETE-SA-like message
(using ICMP?) hasn't been discussed until very recently. If that is what
you are proposing, then it needs to be discussed in some detail.
Dan