[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Simplifying IKE

To: Dan Harkins <dharkins@lounge.org>
Subject: Re: Simplifying IKE
From: Francis Dupont <Francis.Dupont@enst-bretagne.fr>
Date: Thu, 09 Aug 2001 11:46:19 +0200
cc: ipsec@lists.tislabs.com
In-reply-to: Your message of Wed, 08 Aug 2001 11:02:33 PDT. <200108081802.f78I2XR00772@dharkins@lounge.orgatty.lounge.org>
Sender: owner-ipsec@lists.tislabs.com

 In your previous mail you wrote:

   > ... The trouble of IPsec with MIPv6 is more IKE (the thing we are
   > supposed to simplify): obviously to run IKE phases 1 & 2 in order
   > to protect BUs (sometime a single small packet) is overkilling

   Well, not really, and none of the simplifications being proposed or 
   planned for IKE would help MIPv6.

=> I disagree, it should help at least for other cases than the "random"
correspondent, for instance for the mobile node to home agent home
registration.

   The problem with MIPv6 is that the Binding Update is a destination
   option which they would like authenticated.

=> I believe you don't like piggybacking. I agree and it seems many
of us too (cf. the thread about it in the mobileip mailing list).
Just assume we have got the head of piggybacking...

   But there is no way for
   an IPsec selector to be defined to identify certain types of destination
   options. The choice is to authenticate _everything_ which they don't
   want to do or authenticate _nothing_ which they can't do. This has
   nothing to do with IKE.

=> if we may not hack a bit the definition of selectors (a thing which
we have to fix for ICMPv6) we can put BUs in a payload (a new protocol
or if we believe this is too expensive UDP with a well know port).
This is an implementation detail, not a basic issue.

   While the overkill of a phase 1 and phase 2 to merely authenticate a
   single Binding Update is a problem the other, larger problem is that
   there is no global PKI to deal with authentication.

=> I agree but this is not a IPsec problem, i.e. if we need strong
authentication and authorization then this can work only with
a global PKI.

   Even a protocol
   (SKIP for instance) which could handle the key establishment in a
   single message-- definitely not overkill-- would not work because
   there is no global PKI to support it.

=> this shows this issue is out of the scope of IPsec, i.e. MIPv6
has a problem with the authentication/authorization requirement,
not with IPsec itself.  Unfortunately this disables quick but
not dirty solutions like "just sign BUs"...
But as I've said there are other contexts than the "random"
correspondent so there is still in interest in the IPsec/MIPv6
discussion.

Regards

Francis.Dupont@enst-bretagne.fr

PS: there are real advantages to be able to secure (with ESP in tunnel mode)
the home agent to mobile node tunnel. HIP is a good candidate, the son of
IKE (or others) will be compared with HIP for this task. Tests have shown
that IKE has abyssal performance in this case but is the best available
tool (for the security point of view).

References:

Re: Simplifying IKE

From: Dan Harkins <dharkins@lounge.org>

Prev by Date: Re: Simplifying IKE
Next by Date: Re: Simplifying IKE
Prev by thread: Re: Simplifying IKE
Next by thread: Re: Simplifying IKE
Index(es):
- Main
- Thread