
Re: Minutes for the SLC IPSEC meeting

>>>>> "Theodore" == Theodore Ts'o <tytso@mit.edu> writes:
    Theodore> Michael Richardson discussed draft-spencer-ike-implementation-00.txt, which
    Theodore> documents a number of implementation issues noted by the Free S/WAN
    Theodore> developers. The first major issue is whether "unique" IKE message IDs have
    Theodore> to be truly unique, or whether they just need to be generated in a
    Theodore> pseudo-random fashion, and simply "probably unique". Many implementations do
    Theodore> the latter, and the RFCs are ambiguous on this point. Michael would like
    Theodore> the RFCs to be changed to make it clear that implementations must keep
    Theodore> track of every message id ever issued by an implementation to guarantee
    Theodore> uniqueness.

  Perhaps I was unclear verbally. The draft is clear.

  If the IDs are guaranteed to be unique, then an implementation can simply
record all message IDs received from a given peer (potentially 10, maybe 15
before phase 1 rekeys) and this gets rid of all ISAKMP replay attack
issues.

  See the draft (draft-spencer-ike-implementation-01.txt)

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy");  [
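The replay check Michael describes above (record every message ID received under a given phase 1 SA and reject repeats), as an added illustration that is not part of the thread or of the Free S/WAN code. It parses the fixed 28-byte ISAKMP header from RFC 2408 to pull out the cookie pair and message ID; the packet contents, the `MessageIdReplayFilter` class and the `build_packet` helper are constructed here for the example.

```python
import struct
from typing import Dict, Set, Tuple

# ISAKMP header (RFC 2408, section 3.1): initiator cookie (8 bytes), responder
# cookie (8), next payload (1), version (1), exchange type (1), flags (1),
# message ID (4), total length (4). All multi-byte fields are big-endian.
ISAKMP_HDR = struct.Struct("!8s8sBBBBII")
QUICK_MODE = 32  # exchange type used for phase 2 (IPsec DOI); sample value only

def parse_header(pkt: bytes) -> dict:
    """Return the header fields needed for replay tracking."""
    if len(pkt) < ISAKMP_HDR.size:
        raise ValueError("truncated ISAKMP header")
    icky, rcky, _nxt, _ver, xchg, _flags, msgid, length = ISAKMP_HDR.unpack_from(pkt)
    return {"icookie": icky, "rcookie": rcky, "exchange": xchg,
            "msgid": msgid, "length": length}

class MessageIdReplayFilter:
    """Keep every non-zero message ID seen under each phase 1 SA.
    The SA is identified by its cookie pair, so the record is small (the
    handful of phase 2 exchanges before phase 1 rekeys) and can be dropped
    when the SA is replaced. Message ID 0 belongs to the phase 1 exchange
    itself and is deliberately not tracked here."""
    def __init__(self) -> None:
        self._seen: Dict[Tuple[bytes, bytes], Set[int]] = {}

    def accept(self, pkt: bytes) -> bool:
        hdr = parse_header(pkt)
        if hdr["msgid"] == 0:
            return True
        seen = self._seen.setdefault((hdr["icookie"], hdr["rcookie"]), set())
        if hdr["msgid"] in seen:
            return False  # already used under this SA: replayed (or colliding) ID
        seen.add(hdr["msgid"])
        return True

    def phase1_rekeyed(self, icookie: bytes, rcookie: bytes) -> None:
        """Forget the old SA's IDs once a new phase 1 SA has replaced it."""
        self._seen.pop((icookie, rcookie), None)

def build_packet(icookie: bytes, rcookie: bytes, msgid: int) -> bytes:
    """Constructed sample quick mode packet: HASH as next payload (8),
    version 1.0 (0x10), encryption flag set, placeholder 8-byte body."""
    body = b"\x00" * 8
    return ISAKMP_HDR.pack(icookie, rcookie, 8, 0x10, QUICK_MODE, 1,
                           msgid, ISAKMP_HDR.size + len(body)) + body
```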