
Simplification of IKE
Two things that seem to cause a lot of confusion (or at least differing
points of view) are how the Commit bit is to be handled (RFC style vs.
son-of-ike style) and "negotiating up" of the group in phase 2.  So just to
make things more confusing I thought I'd throw this out to the list:

A possible solution that would (eventually) eliminate these problems would
be the introduction of a new phase 2 exchange type (eventually deprecating
the current Quick Modes):

HDR*, HASH, SA, Ni [, IDs ] -->
       <-- HDR*, HASH, SA, Nr [, KE ] [, IDs ]
HDR*, HASH [, KE ] -->
       <-- HDR*, HASH

With this we could eliminate the commit bit altogether (which should simplify
most IKE implementations' state machines), allow for phase 2 group
negotiation, and eliminate the need to "negotiate up" phase 2 groups
(if the responder would normally offer group 2 as the initiator but will
"negotiate up" as the responder, the responder would just have the phase 2
policy as multiple proposals that offer both group 2 and group 5).

Yes, this lengthens the time to do a phase 2 by 1 message transmission time,
but it allows group negotiation in phase 2 and eliminates the need for the
Commit bit (the out-of-order problem, where the initiator's IPSec packets
arrive at the responder before the 3rd QM message arrives and/or is
processed, would no longer happen, which simplifies avoiding dropped packets).

Like it or not there will be other dramatic IKE changes coming down the pike
(e.g., DoS changes).  If anyone feels that this new mode is worth pursuing
I'll write up a draft (using the apparently de facto VID payload new feature
method).

-dave
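Added example (not part of Dave's post or any IKE implementation): a toy Python model of the four-message phase 2 exchange proposed above. It shows the two properties the post argues for: the responder selects a PFS group from the initiator's list of proposals (so a "negotiate up" responder just ranks group 5 above group 2 in its policy), and the initiator cannot activate its outbound SA until the responder's 4th message arrives, so its IPsec traffic can never reach the responder before the responder has processed message 3. Group numbers, policy format and the payload field names are assumptions; no real IKE cryptography is performed.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class Peer:
    name: str
    groups: list                      # PFS groups the policy offers, most preferred first (0 = no PFS)
    chosen_group: Optional[int] = None
    sa_active: bool = False           # outbound SA installed and usable for IPsec traffic


def msg1(init):
    # HDR*, HASH, SA, Ni [, IDs ]: initiator offers one proposal per group its policy allows
    return {"SA": [{"group": g} for g in init.groups], "Ni": "constructed-nonce-i"}


def msg2(resp, m1):
    # HDR*, HASH, SA, Nr [, KE ] [, IDs ]: responder picks its most-preferred offered group
    offered = [p["group"] for p in m1["SA"]]
    for g in resp.groups:
        if g in offered:
            resp.chosen_group = g
            return {"SA": {"group": g}, "Nr": "constructed-nonce-r",
                    "KE": f"KE-r(group {g})" if g else None}   # KE only when PFS chosen
    raise ValueError("no proposal acceptable to responder")


def msg3(init, m2):
    # HDR*, HASH [, KE ]: initiator adopts the selected group and sends its KE if PFS is on
    g = init.chosen_group = m2["SA"]["group"]
    return {"KE": f"KE-i(group {g})" if g else None}


def msg4(resp, m3):
    # HDR*, HASH: responder now holds both KEs; it installs its SAs before acknowledging
    resp.sa_active = True
    return {"ack": True}


def run_exchange(init_groups, resp_groups):
    """Drive the exchange; return (chosen group, responder SA active before initiator's)."""
    init, resp = Peer("I", init_groups), Peer("R", resp_groups)
    m2 = msg2(resp, msg1(init))
    m3 = msg3(init, m2)
    assert not init.sa_active          # no initiator ESP may be sent before message 4
    responder_ready_first = msg4(resp, m3)["ack"] and resp.sa_active
    init.sa_active = True              # only now may the initiator's IPsec packets flow
    return init.chosen_group, responder_ready_first
```

A responder that prefers group 5 over group 2 simply lists it first; no special "negotiate up" logic or Commit bit handling is needed.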