
Re: ipsec error protocol



Bill Sommerfeld wrote:
> 
> To repeat a previous suggestion I made to this list last year:
> 
>    If we have the system sign a "birth certificate" when it reboots
>    (including a reboot time or boot sequence number), we could include
>    that with a "bad spi" ICMP error and in the negotiation of the IKE SA.
> 

This is a quick response, and admittedly, I haven't given this a lot of
thought, but I'm wondering: isn't this essentially the function of the
INITIAL-CONTACT message?




>    This pushes the burden of reestablishing state to the end which
>    already thinks it has shared state and has traffic it wants to send.
> 
>    The system which is receiving packets to unknown SPI's merely has to
>    respond with a simple message which involves no real-time cryptography
>    (it should, of course, be rate limited).
> 
>    The system receiving the error message can discard it if it doesn't
>    correspond to existing state or if it's "old news" (i.e., you get
>    replay protection); if it's not old news, you can rate-limit how often
>    you attempt to verify the signature.
> 
> I think that, in practice, a boot sequence number will suffice and
> require minimal state.  Also, the "birth certificate" could be
> included in an "unknown phase 1" IKE error, to allow for faster
> recovery from loss of phase 1 state.
> 
>                                         - Bill
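
A worked sketch of the recovery scheme quoted above, added here as an illustration; it is not code from Bill, from the reply author, or from any IKE/IPsec implementation. It assumes a pre-shared key with HMAC-SHA256 standing in for the "birth certificate" signature (a real deployment would use the peer's IKE authentication), and the class names, message fields, time values and rate-limit intervals are all constructed for the example. It shows the responder answering an unknown-SPI packet with a cheap, rate-limited error, and the initiator discarding errors that match no state or are "old news" (boot sequence number not newer than the one learned during IKE negotiation), rate-limiting signature verification, and tearing down state only once a fresh certificate verifies.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass


def sign_birth_certificate(key: bytes, peer_id: bytes, boot_seq: int) -> bytes:
    """HMAC over (peer id, boot sequence number); stand-in for a real signature."""
    return hmac.new(key, peer_id + struct.pack("!Q", boot_seq), hashlib.sha256).digest()


@dataclass
class BadSpiError:
    """Constructed 'bad SPI' error message carrying the birth certificate."""
    peer_id: bytes
    spi: int
    boot_seq: int
    certificate: bytes


class Responder:
    """Host that just rebooted and now sees packets for SPIs it does not know."""

    def __init__(self, peer_id: bytes, key: bytes, boot_seq: int):
        self.peer_id, self.boot_seq = peer_id, boot_seq
        # Signed once at boot: answering errors later needs no real-time crypto.
        self.certificate = sign_birth_certificate(key, peer_id, boot_seq)
        self._last_error = {}  # spi -> time of last error sent (rate limiting)

    def on_unknown_spi(self, spi: int, now: float, min_interval: float = 1.0):
        last = self._last_error.get(spi)
        if last is not None and now - last < min_interval:
            return None  # rate limited: stay quiet for this SPI
        self._last_error[spi] = now
        return BadSpiError(self.peer_id, spi, self.boot_seq, self.certificate)


class Initiator:
    """Host that still holds SAs and may be sending into a peer that lost state."""

    def __init__(self, key: bytes):
        self.key = key
        self.sas = {}            # spi -> peer_id
        self.last_boot_seq = {}  # peer_id -> highest boot sequence number seen
        self._last_verify = {}   # peer_id -> time of last signature check

    def add_sa(self, spi: int, peer_id: bytes, boot_seq: int) -> None:
        # The boot sequence number is learned during IKE SA negotiation.
        self.sas[spi] = peer_id
        self.last_boot_seq[peer_id] = max(self.last_boot_seq.get(peer_id, -1), boot_seq)

    def on_bad_spi(self, err: BadSpiError, now: float, min_verify_interval: float = 5.0) -> str:
        if self.sas.get(err.spi) != err.peer_id:
            return "discard:unknown-state"          # no matching SA: ignore
        if err.boot_seq <= self.last_boot_seq.get(err.peer_id, -1):
            return "discard:old-news"               # replay protection
        last = self._last_verify.get(err.peer_id)
        if last is not None and now - last < min_verify_interval:
            return "deferred:rate-limited"          # bound verification cost
        self._last_verify[err.peer_id] = now
        expected = sign_birth_certificate(self.key, err.peer_id, err.boot_seq)
        if not hmac.compare_digest(expected, err.certificate):
            return "discard:bad-signature"
        # Verified: the peer really rebooted, so every SA with it is dead.
        self.last_boot_seq[err.peer_id] = err.boot_seq
        dead = [spi for spi, pid in self.sas.items() if pid == err.peer_id]
        for spi in dead:
            del self.sas[spi]
        return f"renegotiate:{len(dead)}-sas-torn-down"


def run_demo() -> dict:
    """Constructed exchange: replay, unknown SPI, forgery, rate limiting, genuine recovery."""
    key, peer_b = b"constructed-pre-shared-key", b"host-b"
    a = Initiator(key)
    b_old = Responder(peer_b, key, boot_seq=7)
    a.add_sa(spi=0x1001, peer_id=peer_b, boot_seq=b_old.boot_seq)
    out = {}
    # Replayed error with the boot sequence number A already knows.
    out["replay"] = a.on_bad_spi(BadSpiError(peer_b, 0x1001, 7, b_old.certificate), now=1.0)
    # Error for an SPI A never created.
    out["unknown"] = a.on_bad_spi(BadSpiError(peer_b, 0x9999, 8, b_old.certificate), now=2.0)
    # B reboots: new boot sequence number, fresh certificate signed once.
    b_new = Responder(peer_b, key, boot_seq=8)
    # Forged error with a plausible boot sequence number but a bogus certificate.
    out["forged"] = a.on_bad_spi(BadSpiError(peer_b, 0x1001, 8, b"\x00" * 32), now=10.0)
    # Genuine error from B, produced without any real-time cryptography.
    err = b_new.on_unknown_spi(0x1001, now=10.5)
    out["responder_rate_limited"] = b_new.on_unknown_spi(0x1001, now=10.8) is None
    out["deferred"] = a.on_bad_spi(err, now=11.0)   # A's verification budget is spent
    out["genuine"] = a.on_bad_spi(err, now=20.0)    # interval elapsed: verify and recover
    out["remaining_sas"] = len(a.sas)
    return out
```

Note the trade-off the rate limit on verification introduces: a forged error consumes the initiator's verification slot, so a genuine error arriving inside the interval is deferred rather than acted on, and recovery is delayed by at most that interval. That is the intended bound on attacker-driven signature checks, and the "old news" check keeps replayed genuine errors from ever reaching the signature step.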

