Re: ipsec error protocol
Bill Sommerfeld wrote:
>
> To repeat a previous suggestion I made to this list last year:
>
> If we have the system sign a "birth certificate" when it reboots
> (including a reboot time or boot sequence number), we could include
> that with a "bad spi" ICMP error and in the negotiation of the IKE SA.
>
This is a quick response, and admittedly, I haven't given this a lot of
thought, but I'm wondering: isn't this essentially the function of the
INITIAL-CONTACT message?
> This pushes the burden of reestablishing state to the end which
> already thinks it has shared state and has traffic it wants to send.
>
> The system which is receiving packets to unknown SPI's merely has to
> respond with a simple message which involves no real-time cryptography
> (it should, of course, be rate limited).
>
> The system receiving the error message can discard it if it doesn't
> correspond to existing state or if it's "old news" (i.e., you get
> replay protection); if it's not old news, you can rate-limit how often
> you attempt to verify the signature.
>
> I think that, in practice, a boot sequence number will suffice and
> require minimal state. Also, the "birth certificate" could be
> included in an "unknown phase 1" IKE error, to allow for faster
> recovery from loss of phase 1 state.
>
> - Bill
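The recovery exchange Bill outlines above, as an added example that is not part of the original thread or of any real IKE/IPsec implementation: a small Go simulation of two peers where one reboots, the other keeps sending on the old SPI, and the "bad spi" reply carries the pre-signed birth certificate. Assumptions made here and not stated in the message: Ed25519 for the certificate signature, fixed per-window counters (`errBudget`, `verBudget`) standing in for real rate limiters, in-memory SA tables, and a boot sequence number that is simply incremented (a real system would have to keep that counter in non-volatile storage). The names `Peer`, `BirthCert`, `BadSPIError`, `Learn` and `EstablishSA` are all invented for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// BirthCert: peer identity plus boot sequence number, signed once at boot.
type BirthCert struct{ PeerID string; BootSeq uint64; Sig []byte }

// certBytes is the message under the signature.
func certBytes(id string, seq uint64) []byte { return []byte(fmt.Sprintf("%s|%d", id, seq)) }

// BadSPIError: unauthenticated reply to a packet on an unknown SPI; it only
// copies the responder's pre-signed certificate, so sending it needs no crypto.
type BadSPIError struct{ SPI uint32; Cert BirthCert }

// peerInfo is what negotiating the IKE SA leaves behind about a remote peer;
// lastBootSeq is the highest boot sequence number verified so far.
type peerInfo struct{ pub ed25519.PublicKey; lastBootSeq uint64 }

// Peer is a toy endpoint (assumed: in-memory SA tables, fixed budgets as rate limiters).
type Peer struct {
	ID                   string
	priv                 ed25519.PrivateKey
	Pub                  ed25519.PublicKey
	bootSeq              uint64 // assumed in-memory here; a real system persists it
	cert                 BirthCert
	inSAs                map[uint32]string // inbound SPI -> remote peer
	outSAs               map[string]uint32 // remote peer -> outbound SPI
	peers                map[string]*peerInfo
	errBudget, verBudget int // bad-SPI replies / signature checks left this window
}

func NewPeer(id string) *Peer {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	p := &Peer{ID: id, priv: priv, Pub: pub, peers: map[string]*peerInfo{}}
	p.Boot()
	return p
}

// Boot simulates a reboot: SAs are lost, the sequence number advances, and the certificate is signed exactly once.
func (p *Peer) Boot() {
	p.bootSeq++
	p.inSAs, p.outSAs = map[uint32]string{}, map[string]uint32{}
	p.cert = BirthCert{p.ID, p.bootSeq, ed25519.Sign(p.priv, certBytes(p.ID, p.bootSeq))}
	p.errBudget, p.verBudget = 3, 3
}

// Learn records the peer's key and current boot sequence number (what IKE phase 1 would give us).
func (p *Peer) Learn(other *Peer) {
	p.peers[other.ID] = &peerInfo{pub: other.Pub, lastBootSeq: other.bootSeq}
}

// EstablishSA installs an SA pair between a and b (IKE phase 2 stand-in).
func EstablishSA(a, b *Peer, spiToA, spiToB uint32) {
	a.inSAs[spiToA], b.outSAs[a.ID] = b.ID, spiToA
	b.inSAs[spiToB], a.outSAs[b.ID] = a.ID, spiToB
}

// ReceiveESP delivers on a known SPI; an unknown SPI gets the pre-signed certificate back until the reply budget is spent.
func (p *Peer) ReceiveESP(spi uint32) (*BadSPIError, bool) {
	if _, ok := p.inSAs[spi]; ok {
		return nil, true
	}
	if p.errBudget == 0 {
		return nil, false // rate limited: drop silently
	}
	p.errBudget--
	return &BadSPIError{SPI: spi, Cert: p.cert}, false
}

// HandleBadSPI is the sender's side: the free checks (matching state, replay) run first,
// the signature is verified last and only within budget.
func (p *Peer) HandleBadSPI(e *BadSPIError) string {
	info, known := p.peers[e.Cert.PeerID]
	spi, haveSA := p.outSAs[e.Cert.PeerID]
	if !known || !haveSA || spi != e.SPI {
		return "discard: no matching state"
	}
	if e.Cert.BootSeq <= info.lastBootSeq {
		return "discard: old news" // replay protection
	}
	if p.verBudget == 0 {
		return "discard: verification rate limit"
	}
	p.verBudget--
	if !ed25519.Verify(info.pub, certBytes(e.Cert.PeerID, e.Cert.BootSeq), e.Cert.Sig) {
		return "discard: bad signature"
	}
	info.lastBootSeq = e.Cert.BootSeq
	delete(p.outSAs, e.Cert.PeerID) // drop the SA so IKE renegotiates it
	return "accepted: peer rebooted, renegotiate"
}
```

Typical run: `NewPeer("A")` and `NewPeer("B")` learn each other, `EstablishSA` installs SAs, `b.Boot()` wipes B's state, `b.ReceiveESP(0x2002)` on A's old outbound SPI returns a `BadSPIError`, and `a.HandleBadSPI` accepts it exactly once (each later copy is "old news"). Note the ordering in `HandleBadSPI`: a reply that names an SPI A is not using, or a certificate whose sequence number A has already verified, is dropped before any signature check, and only the remaining replies draw on the verification budget, which is where an attacker feeding forged certificates with fresh sequence numbers gets stopped.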