
RE: Phase 1 KB lifetime



I agree with Joern. From a business perspective, I don't think this is a
feature that most of our customers are asking for. However, I don't see why
that is justification for excluding a feature that is necessary for maximum
security.

While it may seem unlikely that encrypted kbs will ever be the strongest
factor in Isakmp SA degradation, it is theoretically possible, and an
implementation that wants to enforce very strict security rules should be
able to use them.

Of course, kb lifetimes should never be used in isolation. They should be
used in conjunction with time-based lifetimes and the proposed new "number
of QMs" lifetime.

Also, I hope that the theoretical necessity of kb lifetimes will not be used
as a political argument against implementations that send additional data
(Ike-cfg, XAuth, keep-alives, whatever) on the Isakmp channel.


There are essentially two opinions concerning the removal of the kb lifetime
notify -- one pro, one con:

Pro: Implementations are not required to send lifetime notifies. If you want
to enforce a kb lifetime, go ahead -- just don't tell me about it.

Con: Implementations are not required to interpret lifetime notifies.
Sending the kb lifetime notify does not hinder interoperability. In fact, as
has been pointed out on this list before, not sending lifetime notifies can
hinder interoperability with some implementations.


One concern about the implementation of kb-based expiry is that it can cause
interoperability problems if one side expires the SA in the middle of a QM
negotiation (the same could happen with time-based expiry but the window is
much smaller). 

The solution is to set a large deletion threshold. Say you set your expiry
limit to 10 Mb. Then you can set your app to delete/rekey the SA whenever
you reach 9 Mb UNLESS you are already in the middle of an exchange. The 1 Mb
cushion prevents you from disrupting an exchange that is already in
progress.

Note that this solution does not require any cooperation by the peer. When
one side is using kb lifetimes and the other is not, interoperability is not
affected.

Andrew
_______________________________________________
 Beauty without truth is insubstantial.
 Truth without beauty is unbearable.


-----Original Message-----
From: Joern Sierwald [mailto:joern@datafellows.com]
Sent: Thursday, January 13, 2000 11:50 AM
To: ipsec@lists.tislabs.com
Subject: Phase 1 KB lifetime


In the Wednesday interop meeting there was a notion to
forbid KB lifetimes in Phase 1.

I see that a lifetime does not make much sense in
today's use of ISAKMP. But somebody might use the
ISAKMP channel to exchange a lot of data. If a
system sends 10KB per second through the ISAKMP channel,
a KB lifetime makes sense.

Let's keep it for now.

Jörn Sierwald
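The soft/hard threshold scheme Andrew describes above (expire the SA at 10 Mb, rekey at 9 Mb unless an exchange is in flight), as an added Python example that is not part of either message in this thread. The class and function names, the reading of "Mb" as megabytes, the 8-hour and 100-QM companion limits, and the 90% soft point for those two limits are all assumptions made for illustration; the only thing taken from the thread is the byte cushion and the rule that kb lifetimes are used alongside time and QM-count lifetimes rather than alone.

```python
"""Soft/hard lifetime tracker for an ISAKMP SA (constructed example).

Models the scheme from the thread: a hard kilobyte limit at which the SA
must be deleted, and a lower soft threshold at which a rekey is started
unless an exchange is already in progress. The cushion between the two
absorbs the traffic of the in-flight exchange so it is not disrupted.
Time-based and QM-count limits are tracked alongside, since the byte
limit is meant to be used with them, never alone. All limits and names
here are assumptions for illustration, not values from any RFC.
"""
from dataclasses import dataclass
from enum import Enum

KB = 1024
MB = 1024 * KB


class Action(Enum):
    OK = "ok"              # below every soft threshold: keep using the SA
    REKEY = "rekey"        # a soft threshold is crossed, no exchange in flight
    DEFERRED = "deferred"  # soft threshold crossed mid-exchange: finish it first
    EXPIRED = "expired"    # a hard limit is reached: delete the SA unconditionally


@dataclass
class SaLifetime:
    hard_bytes: int = 10 * MB       # the enforced kb lifetime (assumed value)
    soft_bytes: int = 9 * MB        # rekey point; the gap is the cushion
    hard_seconds: float = 8 * 3600.0
    hard_qms: int = 100             # the proposed "number of QMs" lifetime
    bytes_used: int = 0
    seconds_used: float = 0.0
    qm_count: int = 0

    def __post_init__(self) -> None:
        # A soft threshold at or above the hard limit leaves no cushion at all.
        if not 0 < self.soft_bytes < self.hard_bytes:
            raise ValueError("soft_bytes must lie strictly below hard_bytes")

    def _hard_reached(self) -> bool:
        return (self.bytes_used >= self.hard_bytes
                or self.seconds_used >= self.hard_seconds
                or self.qm_count >= self.hard_qms)

    def _soft_reached(self) -> bool:
        # Bytes use the explicit soft limit; time and QM count use a fixed
        # 90% point, computed in integers for the count to avoid float edges.
        return (self.bytes_used >= self.soft_bytes
                or self.seconds_used >= 0.9 * self.hard_seconds
                or self.qm_count * 10 >= self.hard_qms * 9)

    def account(self, nbytes: int = 0, seconds: float = 0.0, qms: int = 0,
                in_exchange: bool = False) -> Action:
        """Charge usage to the SA and say what the local side should do now.

        This needs no cooperation from the peer: the peer never learns
        whether we rekey early, late, or only on the hard limit.
        """
        self.bytes_used += nbytes
        self.seconds_used += seconds
        self.qm_count += qms
        if self._hard_reached():
            return Action.EXPIRED
        if not self._soft_reached():
            return Action.OK
        return Action.DEFERRED if in_exchange else Action.REKEY


def simulate(events, **limits):
    """Run (nbytes, in_exchange) events through one SA and collect actions.

    Stops at the first EXPIRED, as an implementation would.
    """
    sa = SaLifetime(**limits)
    actions = []
    for nbytes, in_exchange in events:
        action = sa.account(nbytes=nbytes, in_exchange=in_exchange)
        actions.append(action)
        if action is Action.EXPIRED:
            break
    return actions


if __name__ == "__main__":
    # An exchange that straddles the 9 Mb soft point is left alone and the
    # rekey is issued once it finishes, inside the 1 Mb cushion.
    print([a.value for a in simulate([(8 * MB, False), (MB, True), (0, False)])])
    # An exchange that burns through the whole cushion hits the hard limit
    # anyway; the cushion only buys room, it does not suspend the limit.
    print([a.value for a in simulate([(9 * MB, True), (MB, True)])])
```

The second simulated run is the caveat worth keeping in mind when sizing the cushion: it has to be larger than the traffic any single exchange can generate on the ISAKMP channel, otherwise the hard limit still fires mid-exchange and the interoperability problem the thread is worried about comes back.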