[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Interoperability (was: Death to AH?)

To: "'Scott G. Kelly'" <skelly@redcreek.com>, Paul Koning <pkoning@xedia.com>
Subject: RE: Interoperability (was: Death to AH?)
From: "Mason, David" <David_Mason@nai.com>
Date: Tue, 6 Jun 2000 07:30:09 -0700
Cc: dharkins@cips.nokia.com, ipsec@lists.tislabs.com
Sender: owner-ipsec@lists.tislabs.com

Beside possible DoS vulnerability (in the DH groups), another big argument
against "negotiating up" was the asymmetry of negotiation.  With
"negotiating up", if the side configured with the stronger value initiates
the rekey (or original connection) it succeeds, whereas with the same
configuration if the weaker side initiates the rekey (or original
connection) it fails.

Of course some argued that with "negotiating up" at least the connection
could be established if the right side always initiated and without
"negotiating up" the connection would never be established.  On the other
hand, with "negotiating up" the connection would likely exhibit intermittant
problems that might be harder to determine the cause of than when
"negotiating up" is not being used.

One (partial) resolution that was suggested was that for algorithms where an
increase in key length does not mean an increase in workload the maximum key
length was ALWAYS to be used (i.e., the algorithm was to be treated as a
fixed key length algorithm).  I don't recall anyone objecting to this (e.g.,
I don't think anyone wants 2 key TripleDes).

-dave

Follow-Ups:

RE: Interoperability (was: Death to AH?)

From: Robert Moskowitz <rgm-sec@htt-consult.com>

Prev by Date: Re: Interoperability (was: Death to AH?)
Next by Date: RE: Interoperability (was: Death to AH?)
Prev by thread: Re: Interoperability (was: Death to AH?)
Next by thread: RE: Interoperability (was: Death to AH?)
Index(es):
- Main
- Thread