
Re: reliable notify question



Brian,

If you are considering chances for generating the same message IDs on both ends -
this will break lots of things in IKE - not just reliable notifies.

"Brian Swander (Exchange)" wrote:

> There is a small problem with this.  It is perhaps so small as to be
> irrelevant, but I'll let you decide.
>
> Say both peers (A and B) decide to send a reliable delete on the same SA at
> approx. the same time.  By a fluke, both generate the same random mess_id
> for the message.  Now, each sends delete expecting an ACK.  When B gets A's
> message, he will expect it to be an ACK, since the mess_id is the same as
> the message he sent.  B will therefore try to verify the hash, and fail,
> since it was in reality a new notify, not an ACK, from A. Similarly for A
> processing B's notify.
>
> Again, I don't know if we care, since the odds of this occurring are slim.
> However, it will break processing of these notifies.  A fix is to
> distinguish in the payload the difference between a new notify and an ACK,
> perhaps as a flag in the header.  However, adding such a flag makes
> backwards compatibility much harder.  Is there any other good solution that
> still preserves the relatively simple backwards compatibility?
>
> bs
>
> -----Original Message-----
> From: Dan Harkins [mailto:dharkins@network-alchemy.com]
> Sent: Monday, October 04, 1999 5:39 PM
> To: Brian Swander (Exchange)
> Cc: 'ipsec@lists.tislabs.com'
> Subject: Re: reliable notify question
>
>   They have to be the same, just like all the other exchanges. Otherwise
> there would be no way to distinguish a response to your notify from a
> newly initiated notify from the peer.
>
>   Dan.
>
> On Mon, 04 Oct 1999 13:11:23 PDT you wrote
> > Also, MUST the message_id in the responder's ACK be the same as the
> > message_id in the initiator's N/D, or MUST the message_ids be different?
> >
> > I'd argue for the former, since it will allow easier lookups, and I doubt
> > there are any security issues with the duplicate mess_id.
> >
> > bs
> >
> > -----Original Message-----
> > From: Brian Swander (Exchange)
> > Sent: Monday, October 04, 1999 10:11 AM
> > To: 'Dan Harkins'
> > Cc: ipsec@lists.tislabs.com
> > Subject: reliable notify question
> >
> >
> > Pardon me if this has been asked before.
> >
> > In section 6.4.2 of the new IKE draft on reliable notifies, it says we need
> > to use the initiator and responder nonces in constructing the messages.
> >
> >         Initiator                        Responder
> >       -----------                      -----------
> >        HDR*, HASH(1), Ni, N/D  -->
> >                                <--      HDR*, HASH(2), Nr, N/D
> >
> > First, are these values the nonces that were already exchanged, or are they
> > newly generated for each reliable notify?  I presume the former.
> >
> > If I am right so far, which nonce do we use, the MM nonces, or the QM
> > nonces?  I assume that we always use the MM nonce, since notifies are only
> > really bound to the MM, and not to any particular QM.
> >
> > Is this correct?
> >
> > bs
> >
> >
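
Added example, not part of the original thread or of the IKE draft: a Python model of the message ID collision Brian Swander describes and of the notify/ACK flag he suggests as a fix. The HASH(1)/HASH(2) constructions, the key, the message IDs and the field names are simplified assumptions, not the draft's definitions.

```python
import hashlib, hmac, os

KEY = b"constructed-SKEYID_a"  # constructed sample key shared by both peers

def prf(*parts):
    return hmac.new(KEY, b"".join(parts), hashlib.sha256).digest()

# Stand-in hashes (assumption): the ACK hash also covers the notify's nonce.
def hash1(mid, ni, body): return prf(mid, ni, body)
def hash2(mid, ni, nr, body): return prf(mid, ni, nr, body)

class Peer:
    def __init__(self, use_flag):
        self.use_flag = use_flag  # True models the proposed notify/ACK flag
        self.pending = {}         # message ID -> (Ni, body) awaiting an ACK

    def send_notify(self, mid, body):
        ni = os.urandom(16)
        self.pending[mid] = (ni, body)
        return {"mid": mid, "ack": False, "nonce": ni, "body": body,
                "hash": hash1(mid, ni, body)}

    def make_ack(self, msg):
        nr = os.urandom(16)
        return {"mid": msg["mid"], "ack": True, "nonce": nr, "body": msg["body"],
                "hash": hash2(msg["mid"], msg["nonce"], nr, msg["body"])}

    def receive(self, msg):
        mid = msg["mid"]
        # Without the flag, a matching pending message ID is the only ACK signal.
        is_ack = msg["ack"] if self.use_flag else mid in self.pending
        if not is_ack:
            good = hmac.compare_digest(msg["hash"], hash1(mid, msg["nonce"], msg["body"]))
            return "notify accepted" if good else "notify hash failed"
        if mid not in self.pending:
            return "unsolicited ack dropped"
        ni, body = self.pending[mid]
        if hmac.compare_digest(msg["hash"], hash2(mid, ni, msg["nonce"], body)):
            del self.pending[mid]
            return "ack accepted"
        return "ack hash failed"

def simultaneous_delete(use_flag, same_mid):
    a, b = Peer(use_flag), Peer(use_flag)
    mid_a = b"\x00\x00\x12\x34"  # constructed message IDs
    mid_b = mid_a if same_mid else b"\x00\x00\x56\x78"
    from_a = a.send_notify(mid_a, b"DELETE spi=0x1001")
    from_b = b.send_notify(mid_b, b"DELETE spi=0x1001")
    return b.receive(from_a), a.receive(from_b)
```

Calling `simultaneous_delete(False, True)` reproduces the failure on both sides, while `simultaneous_delete(True, True)` shows both notifies accepted once the message type is explicit.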



