
Re: A problem with public key encryption in IKE



Hi Francisco,

francisco_corella@hp.com wrote:
<trimmed here and there...> 
>         <<
>         The requirement for ID PFS may be specific to the peers, i.e. I
>         may require ID PFS for my connections, while other folks I work
>         with do not, meaning they may share phase 1 SAs with one
>         another, while I will not. If you divorce the phase 1 security
>         requirements from the phase 2 security requirements, you remove
>         this capability.
>         >>
> 
> I'm not sure I understand this point.  I think you are saying that you
> want to specify ID PFS for some connections but not others.  That's fine,
> but I don't see the difficulty.  ID PFS can be specified as a phase 2
> requirement.

Of course, you are right, and this is how the ID PFS requirement should
be specified. Another issue which occurs to me is that phase 2 IDs with
respect to authentication are currently tied to the phase 1 SA. If a
security gateway (sgw) is to provide individualized authentication for
hosts which it protects, it must use unique IDs for phase 1. These IDs
must be tied to the phase 2 SAs which they authenticate, and I think
this means that phase 1 configuration is tied to phase 2 configuration.
Do you have a model which simplifies this?

>         <<
>         Also, as a phase 2 consumer, what assurance would I then have
>         that the protection level of the phase 1 SA is sufficient to
>         protect negotiation of my perhaps highly secured phase 2 SA?
>         >>
> 
> Every phase 1 SA should provide sufficient protection to protect
> negotiation of any phase 2 SA that may have to be established.
> 
> I understand the need to provide different levels of protection for phase 2
> SAs, e.g. encryption is expensive and may be needed on an Internet
> connection but not on an intranet connection.  But I don't see much
> motivation for skimping on the protection level for a phase 1 SA.  For
> example, using DES instead of 3DES won't give you much of a performance
> improvement.

One other option that may be provided at the phase 2 (negotiation) level
is key PFS. While I agree to some extent with your assertion, I think
that you imply that every phase 1 SA should provide for key PFS
automatically. Is this right?

Scott
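
The "key PFS" option Scott raises above is, in IKEv1 terms, whether the quick mode carries a fresh Diffie-Hellman exchange or derives the phase 2 KEYMAT from the phase 1 SKEYID_d alone (RFC 2409 section 5.5). The following is an added example written for this page, not code from the thread or from any IKE implementation: it derives KEYMAT both ways and shows what a passive eavesdropper who later learns SKEYID_d can recover. It assumes prf is HMAC-SHA1, uses constructed SKEYID_d, nonces and SPI, and a toy 61-bit Diffie-Hellman group (not an IKE group) so it runs instantly.

```python
"""Quick-mode KEYMAT derivation with and without key PFS, after RFC 2409 s5.5.

Added example for this page; not code from the thread or from any IKE
implementation. SKEYID_d, nonces and SPI are constructed inputs, and the
Diffie-Hellman group is a toy 61-bit group (NOT an IKE group) so it runs
instantly. prf is assumed to be HMAC-SHA1 (the negotiated hash in a real SA).
"""
import hashlib
import hmac
import secrets

# Toy DH group for illustration only: p = 2^61 - 1 (a Mersenne prime), g = 3.
TOY_P = (1 << 61) - 1
TOY_G = 3
PROTO_ESP = 3  # IPsec protocol ID carried in the quick-mode proposal


def prf(key: bytes, data: bytes) -> bytes:
    """IKEv1 prf: HMAC keyed with SKEYID_d over the negotiated hash (SHA-1 assumed)."""
    return hmac.new(key, data, hashlib.sha1).digest()


def int_to_bytes(n: int) -> bytes:
    # Minimal big-endian encoding; a real implementation pads to the group size.
    return n.to_bytes((n.bit_length() + 7) // 8, "big")


def keymat_no_pfs(skeyid_d, protocol, spi, ni_b, nr_b):
    """No key PFS: KEYMAT = prf(SKEYID_d, protocol | SPI | Ni_b | Nr_b).
    Everything except SKEYID_d travels on the wire during the quick mode."""
    return prf(skeyid_d, bytes([protocol]) + spi + ni_b + nr_b)


def keymat_pfs(skeyid_d, g_qm_xy, protocol, spi, ni_b, nr_b):
    """Key PFS: KEYMAT = prf(SKEYID_d, g(qm)^xy | protocol | SPI | Ni_b | Nr_b),
    where g(qm)^xy is a fresh quick-mode Diffie-Hellman shared secret."""
    return prf(skeyid_d, int_to_bytes(g_qm_xy) + bytes([protocol]) + spi + ni_b + nr_b)


def quick_mode(skeyid_d, spi, ni_b, nr_b, pfs, xi=None, xr=None):
    """Run one quick mode between initiator and responder.

    Returns (keymat_i, keymat_r, wire) where `wire` is what a passive
    eavesdropper records: nonces, SPI and (with PFS) the KE payloads g^xi, g^xr.
    """
    wire = {"spi": spi, "ni_b": ni_b, "nr_b": nr_b}
    if not pfs:
        km = keymat_no_pfs(skeyid_d, PROTO_ESP, spi, ni_b, nr_b)
        return km, km, wire
    xi = xi if xi is not None else secrets.randbelow(TOY_P - 2) + 1
    xr = xr if xr is not None else secrets.randbelow(TOY_P - 2) + 1
    wire["ke_i"] = pow(TOY_G, xi, TOY_P)      # KE payload from initiator
    wire["ke_r"] = pow(TOY_G, xr, TOY_P)      # KE payload from responder
    shared_i = pow(wire["ke_r"], xi, TOY_P)   # initiator computes g^xy
    shared_r = pow(wire["ke_i"], xr, TOY_P)   # responder computes g^xy
    km_i = keymat_pfs(skeyid_d, shared_i, PROTO_ESP, spi, ni_b, nr_b)
    km_r = keymat_pfs(skeyid_d, shared_r, PROTO_ESP, spi, ni_b, nr_b)
    return km_i, km_r, wire


def attacker_recompute(skeyid_d, wire):
    """Eavesdropper who recorded the quick mode and later obtains SKEYID_d
    (phase 1 state compromise). Without PFS the recorded fields suffice to
    recover KEYMAT for every phase 2 SA negotiated under that phase 1 SA.
    With PFS the KE payloads give g^xi and g^xr but not g^xy, so recovery
    means solving the DH problem; this attacker model does not, and returns None."""
    if "ke_i" in wire:
        return None
    return keymat_no_pfs(skeyid_d, PROTO_ESP, wire["spi"], wire["ni_b"], wire["nr_b"])


if __name__ == "__main__":
    skeyid_d = secrets.token_bytes(20)   # constructed phase 1 keying material
    spi = bytes.fromhex("0a0b0c0d")      # constructed ESP SPI
    ni, nr = secrets.token_bytes(16), secrets.token_bytes(16)
    for pfs in (False, True):
        km_i, km_r, wire = quick_mode(skeyid_d, spi, ni, nr, pfs)
        leaked = attacker_recompute(skeyid_d, wire)
        print(f"pfs={pfs}: peers agree={km_i == km_r}, "
              f"attacker recovers KEYMAT={leaked == km_i}")
```

The point this makes concrete is the one under discussion: without key PFS, a single compromise of phase 1 state (SKEYID_d) exposes every phase 2 SA ever negotiated under that phase 1 SA from recorded traffic, whereas with the quick-mode DH each phase 2 SA's keys also depend on an ephemeral secret that is never sent.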

