
Re: Phase 1 KB lifetime



> Dan> It is _never_ a good idea to just enforce a lifetime without
> Dan> telling the peer (assuming, as we all remember from 3rd grade,
> Dan> makes an ass out of you and me).
>
>I quite disagree.  The protocol works if someone rekeys at a time of
>their choosing for reasons of their choosing.  Or at least it appears
>to; if it doesn't work for that case then the protocol is defective
>and needs to be repaired.
>
>Therefore, it isn't actually necessary to tell the peer about
>lifetimes you enforce.  I still don't understand why that stuff is in
>the protocol at all.

Consider the following scenario:

A Quick Mode initiator (QMi) sends a proposal for IPsec SAs with a
lifetime of one hour.  The Quick Mode responder (QMr) decides it wants
to use a lifetime of only half an hour instead, but does not use the
RESPONDER-LIFETIME Notify message to inform QMi that it is doing so.

Half an hour elapses.  QMr deletes the IPsec SAs.  QMr sends a Delete
to QMi, but the Delete gets lost somewhere along the way.  (Even if
we have an acknowledged Informational exchange, Deletes can still
get lost; QMr is eventually going to have to give up and delete the
SAs anyway, right?)

QMr has no further traffic requiring an IPsec SA to QMi, so doesn't
bother proposing one.  QMi, however, does have traffic and, believing
there are still valid IPsec SAs, uses them.  QMr, seeing this IPsec
traffic for IPsec SAs it doesn't have, drops the packets.  This
continues for another half hour, until QMi finally deletes the
IPsec SAs and negotiates new ones, and the cycle starts again...

Now, tell me again why we don't need RESPONDER-LIFETIME?

-Shawn Mamros
E-mail to: smamros@nortelnetworks.com
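The scenario in the message above, as an added simulation that is not part of the original post or of any IKE implementation. It assumes the lifetimes from the post (QMi proposes 3600 s, QMr silently enforces 1800 s), models QMi as sending one ESP packet per second on whatever SA it believes is live, and represents the lost Delete as a flag rather than a real Informational exchange; the function and field names are invented for the illustration.

```python
"""Constructed model of the Quick Mode lifetime mismatch.

QMi proposes a one-hour lifetime.  QMr installs the SA with a half-hour
lifetime of its own and either sends RESPONDER-LIFETIME or stays silent.
When QMr's lifetime runs out it deletes the SA and sends a Delete that may
be lost.  We step a clock one second at a time and count how many of QMi's
packets QMr black-holes because the SPI is unknown to it.
"""
from dataclasses import dataclass

PROPOSED = 3600          # seconds: lifetime QMi proposes (from the post)
RESPONDER_LIMIT = 1800   # seconds: lifetime QMr actually enforces (from the post)


@dataclass
class Result:
    dropped: int     # packets QMi sent on an SA QMr had already deleted
    delivered: int   # packets QMr still had an SA for
    rekeys: int      # number of Quick Mode negotiations in the horizon


def simulate(send_responder_lifetime: bool, delete_lost: bool,
             horizon: int = 2 * PROPOSED) -> Result:
    """Run the two peers for `horizon` seconds and tally what happens.

    send_responder_lifetime: QMr tells QMi about the shorter lifetime, so
        QMi adopts RESPONDER_LIMIT instead of the value it proposed.
    delete_lost: QMr's Delete never reaches QMi (constructed assumption).
    """
    dropped = delivered = rekeys = 0
    t = 0
    # Each iteration of the outer loop is one Quick Mode negotiation.
    while t < horizon:
        rekeys += 1
        responder_expiry = t + RESPONDER_LIMIT
        initiator_expiry = t + (RESPONDER_LIMIT if send_responder_lifetime
                                else PROPOSED)
        responder_has_sa = True
        # QMi uses the SA until its own idea of the lifetime expires.
        while t < horizon and t < initiator_expiry:
            if responder_has_sa and t >= responder_expiry:
                responder_has_sa = False        # QMr enforces its lifetime
                if not delete_lost:
                    # The Delete arrives: QMi tears down its copy and
                    # renegotiates immediately, so no traffic is lost.
                    break
            # QMi sends one packet per second (constructed traffic model).
            if responder_has_sa:
                delivered += 1
            else:
                dropped += 1                    # unknown SPI at QMr
            t += 1
    return Result(dropped, delivered, rekeys)


if __name__ == "__main__":
    for notify, lost in ((False, True), (True, True), (False, False)):
        r = simulate(send_responder_lifetime=notify, delete_lost=lost)
        print(f"RESPONDER-LIFETIME={notify!s:5} delete_lost={lost!s:5} "
              f"dropped={r.dropped:5} delivered={r.delivered:5} "
              f"rekeys={r.rekeys}")
```

With the post's numbers, the silent-responder case black-holes half of QMi's traffic over every cycle (1800 s of drops per 3600 s), while either a RESPONDER-LIFETIME notify or a Delete that actually arrives drops nothing; only the notify removes the dependency on the Delete getting through.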