[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Comments on draft-ietf-ipsec-new-auth-00.txt
General comments:
I'm a little concerned that by specifying the HMAC
MD5 and HMAC SHA-1 algorithms in this draft, we
are now one step away from the goal of algorithm
independence.
- I think it is now more difficult to specify
other algorithms for use with AH since the
mechanism to do so has been removed (i.e.
transform documents) and new algorithm
documents will have to point to the AH spec
instead of the other way around.
- As a result, other algorithms may be presented in a form
similar to "transform" documents which defeats the main goal of re-
writing the RFCs.
- A possible solution would be to remove the
references to specific algs. from the draft
and point to another draft that contains
just a list of algorithms, alg-ids, and the
implementation conformance requirements(MUST,
SHOULD, or MAY).
- This comment applies to the new-esp draft
as well.
More Specific comments:
1. Anti-replay and multicast are problematic
together. See the last paragraph of section 2.1 in
draft-ietf-ipsec-ah-hmac-sha-1-96-00.txt
2. I think it is too strong to say that "...
a compliant implementation must not negotiate
this service (Anti-Replay) in conjuction with
SAs that are manually keyed." The implication
is that only with a full-blown dynamic key management engine
will you ever use Anti- Replay.
3. The straw poll taken a few weeks back concluded
that we didn't want a variable sized field
in the middle of the AH header. By making
the Seq. Number field optional this way, once
again we have a variable sized field in the
header. One way to fix this would be to move
the Authentication Data pad to the beginning
of the Authentication Data instead of the end.
That way when HMAC-{MD5,SHA-1}-96 is used
without Anti-replay and 64-bit alignment is
desired, the 32-bits of pad will be located
in the same position where the SN would have
been.
Of course, another solution would be to just
fix the SN field.
4. If it is decided to still include algs. in the
drafts, then the AH draft should:
- specify the default 96-bit truncation in
the conformance section, and
- mention that HMAC-MD5 is MUST and
HMAC-SHA-1 is SHOULD (as previously
recommended).
Follow-Ups: