[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
ISAKMP SA negotiation
Hello,
As part of my research in formally specifying security policies for network
connections, I am looking at ISAKMP and the negotiation of security
associations. I have a question that I did not see addressed by the
ISAKMP Internet Draft (2/21/97) or in the last few months archives of
this mailing list, so I thought I'd pose it here.
When, for a particular situation, multiple SA proposals are acceptable, how
does one choose the one to use?
This is how I see things. The initiator has a set of security policies
which dictate what SA proposals to make for different contexts (i.e.
certain types of connections). These proposals have a certain order of
preference. Similarly, the responder have a set of policies for what
proposals to accept in a particular context. Again, the responder has
certain preferences for which it wants to be the outcome.
Now a example to motivate the question. Site A wants to establish a
connection with site B. Consulting its policies, it determines the
SA proposals for the particular situation. There are 2 acceptable SAs, P1
and P2, with the preference being for P1. So, this is sent in P1, P2
order in an ISAKMP SA payload.
Now, when site B receives the message, it consults its policies and
determines what SAs are acceptable to it. It finds that both P1 and P2
are acceptable, but that P2 is preferred over P1. Knowing that site A
prefers P1, which should site B choose to respond with?
Thank you,
Jim Hoagland
|* James A. Hoagland *|
|* Research Assistant, Computer Security Research Lab, UC Davis *|
|* Grad. Tech. Intern, Internet Security, Intel Architecture Labs *|
|* http://seclab.cs.ucdavis.edu/~hoagland/ *|