[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: phase 2 and ports



In message <200006240131.e5O1VJJ109685@thunk.east.sun.com>, Bill Sommerfeld wri
tes:

>
>Multiple SA's isn't necessarily a problem -- from a crypto-paranoia
>standpoint, it's better to use different keys for different things.

Usually, that's correct, though from a traffic analysis standpoint it's 
not.  Also see my paper on probable plaintext attacks on IPsec.
>

>
> > b) an application-ID would be usefull for applications that do NOT know a
> >    priori what ports to use (l2tp for example). I could see using the tuple
> >    protocol:port as an application identifier, and somehow 'teach' ipsec to
> >    identify what traffic constitutes that application.
>
>warning: This opens a naming can-of-worms.
>
>With some application assistance (i.e., ftpd telling the stack "I want
>the data connection I'm initiating to connect back to the same
>principal/entity which initiated the control connection i accepted")
>this might not be so bad.
>
>I'm increasingly coming to think that we need to start specifying the
>handling of principals and identities within IPSEC and IKE a bit more
>closely.  for what it's worth, I like the general properties of the
>model presented in [1] quite a bit, but fitting that into the existing
>IKE framework will be messy.

"Opens" the can of worms?  I wish we would open it -- I've been 
complaining about this issue for years.  (See 
http://www.research.att.com/~smb/talks/ipsec-cert.ps, which is a talk I 
gave in December, 1996 at the San Jose IETF.)

		--Steve Bellovin