
Re: proposed IPSEC changes/extensions





In msg <199611012212.RAA01728@thunk.orchard.medford.ma.us>
 Bill Sommerfeld Wrote:
> 
> > C: If "crypto period" or "SA life time" is an SA parameter, should they
> >    be negotiated by key management protocol ? Perhaps as an attribute of a
> >    transform in ISAKMP ?
> 
> Definitely.  The current isakmp-05 draft says:
> 
>    In particular, key lifetimes and SA lifetimes are purely a local
>    issue, and should not be negotiated.
> 
> I think this is *very* wrong.  It means that a receiver can terminate
> an SA while the sender still thinks it's valid... this will set off
> false alarms when incoming traffic fails to decrypt/verify, and freeze
> user traffic for several RTTs while the key mgmt protocols try to
> resynchronize.  Very clumsy..
> 
> Note that negotiating a lifetime for the SA does *NOT* require
> synchronized clocks; all it requires is a clock on each end with
> frequency accurate to within a couple percent.

Completely agree. 

> 
> ISAKMP currently handles SA removal with explicit DELETE messages, but
> it would be more efficient, in general, to let idle SA's expire
> without the need to send messages (consider demand-dial links .. you
> probably want the SA to live longer than the demand-dial idle timeout,
> and it would be silly to bring the link up just to send a DELETE
> message..).
> 
> 				- Bill
>

Yes. Our experience shows that if the lifetime is negotiated and the clocks
on the two sides have reasonable accuracy (I would say accurate to seconds
is good enough), then no explicit DELETE msg is needed; just refresh the
key near (but before) its expiration. This has been implemented and
used on the IBM firewall, and it seems to work pretty well. Of course, if no
further communication is needed, we can just let the SA (key) expire.

As far as I can see, the only case that needs special care is if the key's
lifetime is pretty long and the user/system wishes to terminate the
SA long before the key expires. So a DELETE msg may be needed in
this special case. But if the lifetime is set to be so long, maybe
the user/system does not care that much anyway.


Pau-Chen
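To make the clock-accuracy argument in this thread concrete, here is an added worked example (mine, not code from the thread or from any IPsec or ISAKMP implementation). It models two endpoints whose clocks run fast or slow by a bounded fraction, and checks whether a receiver would expire an SA before the sender rekeys it; the lifetimes, refresh fraction and 2% error bound are assumed sample values.

```python
from dataclasses import dataclass


@dataclass
class Endpoint:
    # Fractional frequency error of this end's clock, relative to true time.
    # +0.02 means the clock runs 2% fast; -0.02 means 2% slow.  No clock
    # offset is modelled: each side counts from SA establishment, so only
    # the rate matters (no synchronized clocks are required).
    freq_error: float

    def true_time_when_clock_reads(self, local_seconds: float) -> float:
        """True elapsed seconds at the moment this clock reads local_seconds."""
        return local_seconds / (1.0 + self.freq_error)


def receiver_expires_before_refresh(sender_lifetime: float,
                                    receiver_lifetime: float,
                                    refresh_fraction: float,
                                    sender: Endpoint,
                                    receiver: Endpoint) -> bool:
    """True if the receiver drops the SA before the sender's rekey arrives.

    The sender rekeys when its own clock reads sender_lifetime * refresh_fraction;
    the receiver discards the SA when its clock reads receiver_lifetime.  With
    purely local (un-negotiated) lifetimes the two lifetimes may differ, which is
    the failure mode described in the thread.
    """
    t_refresh = sender.true_time_when_clock_reads(sender_lifetime * refresh_fraction)
    t_expire = receiver.true_time_when_clock_reads(receiver_lifetime)
    return t_expire <= t_refresh


def max_safe_refresh_fraction(max_freq_error: float) -> float:
    """Largest fraction of a negotiated lifetime the sender may wait before rekeying.

    Worst case: the receiver's clock is fast by max_freq_error (expires early) and
    the sender's is slow by the same amount (refreshes late).  Requiring
    lifetime*f/(1-e) < lifetime/(1+e) gives f < (1-e)/(1+e).
    """
    e = max_freq_error
    return (1.0 - e) / (1.0 + e)


if __name__ == "__main__":
    # Constructed scenario: negotiated 1-hour lifetime, clocks within 2%.
    slow, fast = Endpoint(-0.02), Endpoint(+0.02)
    print("safe refresh fraction <", round(max_safe_refresh_fraction(0.02), 4))
    print("refresh at 90%:", receiver_expires_before_refresh(3600, 3600, 0.90, slow, fast))
    print("refresh at 97%:", receiver_expires_before_refresh(3600, 3600, 0.97, slow, fast))
```

The last two prints show that rekeying at 90% of the negotiated lifetime survives a 2% clock-rate mismatch, while waiting until 97% does not; with local-only lifetimes (for example 3600 s on the sender and 1800 s on the receiver) the receiver expires the SA regardless of how good the clocks are.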