Re: Minutes for the SLC IPSEC meeting
>>>>> "Theodore" == Theodore Ts'o <tytso@mit.edu> writes:
Theodore> Michael Richardson discussed draft-spencer-ike-implementation-00.txt, which
Theodore> documents a number of implementation issues noted by the Free S/WAN
Theodore> developers. The first major issue is whether "unique" IKE message IDs have
Theodore> to be truly unique, or whether they just need to be generated in a
Theodore> pseudo-random fashion, and simply "probably unique". Many implementations do
Theodore> the latter, and the RFCs are ambiguous on this point. Michael would like
Theodore> the RFCs to be changed to make it clear that implementations must keep
Theodore> track of every message id ever issued by an implementation to guarantee
Theodore> uniqueness.
Perhaps I was unclear verbally. The draft is clear.
If the IDs are guaranteed to be unique, then an implementation can simply
record all message IDs received from a given peer (potentially 10, maybe 15
before phase 1 rekeys) and this gets rid of all ISAKMP replay attack
issues.
See the draft (draft-spencer-ike-implementation-01.txt)
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy"); [
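The replay check Michael describes (remember every message ID a peer has used under the current phase 1 SA, reject any repeat, start over at rekey), as an added illustration in C. This is not FreeS/WAN code and not text from the draft; the struct and function names, the table capacity and the constructed message IDs are all assumptions made for the example. Message ID 0 is passed through untracked because in IKEv1 the ISAKMP header carries 0 for phase 1 exchanges and the phase 1 state machine, not this table, governs those. Note the trade-off the draft is pointing at: if a peer only generates "probably unique" random IDs, a legitimate collision is indistinguishable from a replay and gets dropped.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Capacity is an assumption for the example: the post estimates 10 to 15
 * message IDs per phase 1 SA before rekey, so 64 leaves ample headroom. */
#define MSGID_TABLE_SIZE 64

enum msgid_result {
    MSGID_NEW = 0,        /* first sighting on this SA: accept and record */
    MSGID_REPLAY,         /* already seen on this SA: drop the packet */
    MSGID_TABLE_FULL,     /* no room left: fail closed until phase 1 rekeys */
    MSGID_PHASE1          /* message ID 0: phase 1 traffic, not tracked here */
};

/* Per-ISAKMP-SA replay state (hypothetical layout, not FreeS/WAN's). */
struct isakmp_sa {
    uint32_t seen[MSGID_TABLE_SIZE];
    size_t   nseen;
};

void isakmp_sa_init(struct isakmp_sa *sa)
{
    memset(sa, 0, sizeof *sa);
}

/* A phase 1 rekey yields a fresh ISAKMP SA, so the history starts over. */
void isakmp_sa_rekey(struct isakmp_sa *sa)
{
    isakmp_sa_init(sa);
}

/* Decide whether a received message ID is new for this SA and record it. */
enum msgid_result isakmp_msgid_check(struct isakmp_sa *sa, uint32_t msgid)
{
    size_t i;

    if (msgid == 0)
        return MSGID_PHASE1;

    /* Linear scan is fine for the dozen or so IDs expected per SA. */
    for (i = 0; i < sa->nseen; i++)
        if (sa->seen[i] == msgid)
            return MSGID_REPLAY;

    if (sa->nseen == MSGID_TABLE_SIZE)
        return MSGID_TABLE_FULL;

    sa->seen[sa->nseen++] = msgid;
    return MSGID_NEW;
}

/* Constructed traffic: three Quick Mode/informational IDs from a peer,
 * then a captured copy of the second one replayed. Returns replays seen. */
int demo_replays_detected(void)
{
    static const uint32_t traffic[] = {
        0x7a1f0c33u, 0x2be4d901u, 0x5c0a77e8u, 0x2be4d901u /* replayed */
    };
    struct isakmp_sa sa;
    int replays = 0;
    size_t i;

    isakmp_sa_init(&sa);
    for (i = 0; i < sizeof traffic / sizeof traffic[0]; i++)
        if (isakmp_msgid_check(&sa, traffic[i]) == MSGID_REPLAY)
            replays++;
    return replays;
}

/* Returns 1 if the table accepts exactly MSGID_TABLE_SIZE distinct IDs and
 * then fails closed, 0 otherwise. */
int table_fails_closed_at_capacity(void)
{
    struct isakmp_sa sa;
    uint32_t id;

    isakmp_sa_init(&sa);
    for (id = 1; id <= MSGID_TABLE_SIZE; id++)
        if (isakmp_msgid_check(&sa, id) != MSGID_NEW)
            return 0;
    return isakmp_msgid_check(&sa, MSGID_TABLE_SIZE + 1) == MSGID_TABLE_FULL;
}

int main(void)
{
    printf("replays detected: %d\n", demo_replays_detected());
    printf("fails closed when full: %d\n", table_fails_closed_at_capacity());
    return 0;
}
```

In a real daemon the table would hang off the ISAKMP SA object and be consulted before any per-exchange state lookup, and a MSGID_TABLE_FULL result would be the trigger to initiate the phase 1 rekey rather than silently dropping traffic forever.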