
Cookie Requirements

Am I missing something, or are the requirements for cookie generation more
than necessary?

RFC2408 Para 2.5.3 states that cookie generation must ensure that cookies
depend on specific parties, that only cookies should not be acceptable by
other than the issuer.  It then goes on to outline a method based on hashing
IP addresses, UDP ports, a local secret and time/day to produce the cookie.

I don't see what advantage this has over choosing a suitably strong random
value.

I don't understand the argument in the first requirement.  If cookies are
associated with a particular negotiation/SA then they are also bound to a
particular peer IP address/port; requests using a 'current' cookie from
random IP addresses/UDP ports should be rejected on that ground?

I'm not sure about the second argument either.  I can see that it must not
be possible for an attacker to be able to guess the cookie generated in
response to a spoofed negotiation request (as with TCP).  I'm not sure why
this requires a local secret for verification.  The only reason I can think
of is if cookies aren't stored locally (initially?) and hence there would
have to be some means of verifying them.  Even then I'm not sure how it
would help as you'd still need to know the time/date when the cookie was
created.

(The third requirement for the generation to be fast I have no problems
with!)

The difficulties I've had may result from my thoughts about how I'd
implement the protocol.

Thanks
Chris
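As an added illustration, not code from the original post or from any IKE implementation, the following Python contrasts the two cookie schemes the message discusses: a keyed hash over the peer tuple, a local secret and a coarse time value as RFC 2408 section 2.5.3 suggests, versus a strong random value. It shows the property a keyed hash provides that a random value does not: the responder can verify a returned cookie by recomputing it, with no per-peer record of the cookie or of when it was issued, so half-open negotiations from spoofed addresses cost it no state. Assumptions of this example: HMAC-SHA256 truncated to 8 bytes (the ISAKMP cookie length) stands in for the unspecified hash; time enters as a coarse slot number so the verifier can recompute for the current and previous slot rather than store a creation time; all addresses and the secret are constructed values.

```python
"""Stateless keyed-hash cookie (RFC 2408 section 2.5.3 style) versus a stored random cookie.

Constructed teaching example.  Assumptions: HMAC-SHA256 truncated to 8 bytes
stands in for the hash RFC 2408 leaves unspecified; time is a coarse 'slot'
(e.g. a minute counter); addresses and secrets below are made up.
"""
import hashlib
import hmac
import ipaddress
import secrets
import struct

COOKIE_LEN = 8  # ISAKMP cookies are 8 octets


def _peer_material(src_ip, src_port, dst_ip, dst_port, slot):
    # Fixed-width encoding of the inputs RFC 2408 lists: addresses, ports, time.
    return (ipaddress.ip_address(src_ip).packed + struct.pack("!H", src_port)
            + ipaddress.ip_address(dst_ip).packed + struct.pack("!H", dst_port)
            + struct.pack("!Q", slot))


def make_cookie(secret, src_ip, src_port, dst_ip, dst_port, slot):
    """Responder cookie: keyed hash of the peer tuple and a coarse time slot."""
    mac = hmac.new(secret, _peer_material(src_ip, src_port, dst_ip, dst_port, slot),
                   hashlib.sha256).digest()
    return mac[:COOKIE_LEN]


def verify_cookie(secret, cookie, src_ip, src_port, dst_ip, dst_port, now_slot, window=1):
    """Stateless check: recompute for the current slot and `window` earlier ones.
    Nothing about this peer had to be remembered between issue and verify."""
    if len(cookie) != COOKIE_LEN:
        return False
    for slot in range(now_slot, now_slot - window - 1, -1):
        expected = make_cookie(secret, src_ip, src_port, dst_ip, dst_port, slot)
        if hmac.compare_digest(expected, cookie):
            return True
    return False


class RandomCookieTable:
    """The alternative the post proposes: an unpredictable random value.
    Equally unguessable, but the responder must keep one entry per request."""

    def __init__(self):
        self._issued = {}  # cookie -> (src_ip, src_port)

    def issue(self, src_ip, src_port):
        cookie = secrets.token_bytes(COOKIE_LEN)
        self._issued[cookie] = (src_ip, src_port)
        return cookie

    def verify(self, cookie, src_ip, src_port):
        return self._issued.get(cookie) == (src_ip, src_port)

    def __len__(self):
        return len(self._issued)


def demo():
    secret = b"\x13" * 32                  # constructed local secret; use os.urandom for real
    me, my_port = "192.0.2.1", 500         # constructed responder address
    peer, peer_port = "198.51.100.7", 500  # constructed initiator address
    slot = 1000
    c = make_cookie(secret, peer, peer_port, me, my_port, slot)
    results = {
        "same_peer_same_slot": verify_cookie(secret, c, peer, peer_port, me, my_port, slot),
        "same_peer_next_slot": verify_cookie(secret, c, peer, peer_port, me, my_port, slot + 1),
        "same_peer_expired": verify_cookie(secret, c, peer, peer_port, me, my_port, slot + 2),
        "spoofed_address": verify_cookie(secret, c, "203.0.113.9", peer_port, me, my_port, slot),
        "other_secret": verify_cookie(b"\x37" * 32, c, peer, peer_port, me, my_port, slot),
    }
    table = RandomCookieTable()
    r = table.issue(peer, peer_port)
    results["random_same_peer"] = table.verify(r, peer, peer_port)
    results["random_spoofed"] = table.verify(r, "203.0.113.9", peer_port)
    results["random_state_entries"] = len(table)  # state grows with every request
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Both schemes reject a cookie presented from a different address, and both are unguessable to an attacker; the difference is that `verify_cookie` needs only the secret and the clock, while `RandomCookieTable` must store an entry for every request it answers, including ones from spoofed sources that never complete.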

