RE: Question about mis-match SA lifetimes

Hi Dan - it's me again :)

Between me being thick skulled and ridiculous remarks about sending keys off
to Louis Freeh (who is he anyways?), I'm having a hard time sorting out when
you're serious and when you're just having fun.  If you truly believe that the
other side might compromise the keys during the remaining seven hours in a 1
hour versus 8 hour mismatch, what's to keep them from compromising the keys
during the first hour?  And if there's a possibility that they might
compromise the IKE/IPsec keys, wouldn't it be likely that they might also
compromise the secret in a preshared link or their private key in a
certificate based link?

If you can't trust the other side to protect the keys, and you care about
protecting the data transferred, you should not only fail the negotiation
under a lifetime mismatch, but fail the negotiation under all circumstances.
If you don't care about protecting the data, or if you trust the other side
to protect the keys, then I don't see any advantage in failing the
negotiation because of a lifetime mis-match.

Are there any cryptography experts out there that think a note should go
into the security considerations section of RFC 2407 stating that option 2
(complete the negotiation but use a shorter lifetime than what was offered)
of section 4.5.4 might possibly represent a security risk?

-dave