[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPsec and RTP crypto

To: itojun@iijlab.net
Subject: Re: IPsec and RTP crypto
From: Bill Sommerfeld <sommerfeld@East.Sun.COM>
Date: Thu, 05 Apr 2001 12:42:15 -0400
cc: ipsec@lists.tislabs.com
In-reply-to: Your message of "Thu, 05 Apr 2001 08:28:40 +0900." <16603.986426920@coconut.itojun.org>
Reply-to: sommerfeld@East.Sun.COM
Sender: owner-ipsec@lists.tislabs.com

> 	i don't think it a "poor fit" in mobile-ip6 case.

Here's a more specific concern:

The use of ipsec for protecting piggybacked binding updates interferes
with safe use of ipsec opportunistic encryption.

A service may set up a listening tcp port with a policy which says
"allow cleartext, or AH-protected, but once encryption is used,
require it on all subsequent packets".

Now, it receives an AH-protected TCP SYN with a binding update
attached (which seems to be a highly likely combination).

Is the receiver to interpret the use of ipsec for that packet as:

a) an indication that all other traffic on this connection will be
protected with AH?

b) a signal that just the segment with the binding update is protected
and to expect cleartext on other packets?

The conservative thing to do is to assume (a), and prevent the
connection from being assassinated by forged unauthenticated RST's.

						- Bill

Follow-Ups:

Re: IPsec and RTP crypto

From: itojun@iijlab.net

References:

Re: IPsec and RTP crypto

From: itojun@iijlab.net

Prev by Date: Re: SCTP and IPsec issues
Next by Date: Invalid SPI RFC2408 5.5
Prev by thread: Re: IPsec and RTP crypto
Next by thread: Re: IPsec and RTP crypto
Index(es):
- Main
- Thread