
Re: RESEND: Thoughts on identity attacks





>>>>> "Scott" == Scott G Kelly <skelly@SonicWALL.com> writes:
    >> The protocols should permit some notion of "rekeying" for identities
    >> within the phase 1 SA. That is, I should be able to use this opaque
    >> (but trusted) identity to start things off, and then offer new
    >> identities afterwards. Whether one permits multiple concurrent
    >> identities (attaching them to individual phase 2 negotiations perhaps)
    >> or only a single identity at a time, is an engineering tradeoff that
    >> needs to be made.

    Scott> I think I agree, but upon re-reading, I'm not sure that what I
    Scott> think I understand is what you actually mean. I think the current
    Scott> IPsec spec has hooks for this via the phase 2 ID payloads. That
    Scott> is, it is conceivable that a given phase 1 identity is
    Scott> "authorized" to represent one or more phase 2 identities (which
    Scott> may be presented in phase 2 ID payloads). Is this the capability
    Scott> you are after, or are you referring to something else?

  No, not quite.

  The problem with using meaningless identities in phase 1 (because they
might be vulnerable to identity attacks) is that they may not have the
authority to speak for the phase 2 IDs that one wishes.

  The multiuser machine is a good example - use the machine IDs for phase 1.
Particularly if these identities are strongly linked to IP addresses, there
is very little identity leakage.

  Having done that, one still wants to actually use identity
(i.e. public/private keypair) "mcr" to authorize a per-port SA for port 23
(telnet). If you consider things like SSH-agent, then things can become
very interesting.
  
  So, I'm suggesting that one might want to permit one to either change
or augment the phase *1* IDs, since those are what are involved in the
authentication (and therefore the authorization).
  [We can not base the authorization to login on the machine ID, any
more than we can trust that ports <1024 are only superuser]

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy");  [
