Re: Comments on draft-ietf-ipsec-new-auth-00.txt
Steve,
> Nonetheless, I propose the following compromise. Have the sender always
> transmit the AR counter, thus preserving the 8-byte AH alignment when using
> the default auth data size of 12 bytes. Allow the receiver to determine,
> unilaterally, whether to check the AR counter, and to do so against a
> window size chosen by the receiver. Make 32 the default window size, and
> allow for large window sizes, in multiples of 32. However, have the
> receiver notify the sender of the selected window size (if any) as part of
> the SA negotiation. This simplifies the negotiation since only the
> receiver needs tell the sender of the former's selected window size, but
> now the sender has specific info about the security service parameters
> employed on the SA.
>
> This differs from the implementors' agreement only in the last detail.
> Hopefully it does not introduce significant complexity (the receiver need
> only declare a constant response if its election of AR is constant) in the
> code.
If I understand this correctly, the initiator of the KMP can choose to
add this attribute to his security suite offering to inform the responder of
his AR window size. He can also choose not to send it and the default is
assumed by the responder. Likewise, the responder can choose to send this
attribute back describing his AR window size regardless of whether the
initiator sent one (and the attribute value the initiator sends has no
bearing on the value the responder sends). In other words, this is not a
negotiable attribute; it is an informational attribute. If that understanding
isn't correct ignore the rest of this email but please straighten me out.
While complexity isn't introduced, something else is. We'd always understood
that the responder in the KMP would either accept or reject a proposed suite
of services in its entirety and not change anything in the offer or add
anything that wasn't in the offer. This changes that.
Granted, it's a simple change and a check for "didn't add anything or change
anything-- except for replay window size" is pretty easy, but I want the WG
to realize this change is being proposed before a show of hands. IPsec SA
negotiation takes place under the protection of the ISAKMP SA so I don't think
this is opening up a security hole.
In the way I understand this compromise, I'm fine with it.
regards,
Dan.
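
The receiver-side anti-replay check discussed in this thread, as an added example that is not part of the original message or of the draft: a sliding window over the AR counter whose size is a multiple of 32, with 32 as the default. The names `ar_window`, `ar_init` and `ar_accept`, the 256-packet cap, and a counter that starts at 1 and never wraps are assumptions.

```c
#include <stdint.h>
#include <string.h>

#define AR_MAX_WORDS 8            /* assumed cap: windows up to 256 packets */

struct ar_window {
    uint32_t words;               /* window size / 32; 1 is the default of 32 */
    uint32_t top;                 /* highest counter accepted so far; 0 = none */
    uint32_t bits[AR_MAX_WORDS];  /* ring bitmap: bit (seq % size) marks seq seen */
};

/* Returns 0 on success, -1 if size is not a supported multiple of 32. */
int ar_init(struct ar_window *w, uint32_t size)
{
    if (size == 0 || size % 32 != 0 || size / 32 > AR_MAX_WORDS)
        return -1;
    memset(w, 0, sizeof *w);
    w->words = size / 32;
    return 0;
}

/* Call only after the packet's auth data has verified, so that forged
 * packets cannot move the window.
 * Returns 1 if seq is new (and records it), 0 if replayed or too old. */
int ar_accept(struct ar_window *w, uint32_t seq)
{
    uint32_t size = w->words * 32, i, n;

    if (seq == 0)
        return 0;                         /* counter assumed to start at 1 */
    if (seq > w->top) {                   /* packet advances the right edge */
        n = seq - w->top;
        if (n > size)
            n = size;
        for (i = 0; i < n; i++) {         /* clear the slots being reused */
            uint32_t s = (seq - i) % size;
            w->bits[s / 32] &= ~(UINT32_C(1) << (s % 32));
        }
        w->top = seq;
    } else if (w->top - seq >= size) {
        return 0;                         /* to the left of the window */
    } else if (w->bits[(seq % size) / 32] & (UINT32_C(1) << (seq % 32))) {
        return 0;                         /* already seen: replay */
    }
    w->bits[(seq % size) / 32] |= UINT32_C(1) << (seq % 32);
    return 1;
}
```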