[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: divergent interpretations of IKE/IPsec - interop issues

To: joern@f-secure.com
Subject: Re: divergent interpretations of IKE/IPsec - interop issues
From: Paul Koning <pkoning@equallogic.com>
Date: Thu, 21 Mar 2002 13:31:53 -0500
Cc: ipsec@lists.tislabs.com
References: <3C99AB48.230D4CD4@6wind.com><5.1.0.14.0.20020321124319.038df140@dfintra.f-secure.com>
Sender: owner-ipsec@lists.tislabs.com

>>>>> "Joern" == Joern Sierwald <joern@f-secure.com> writes:

 Joern> At 10:43 21.03.2002 +0100, you wrote:
 >> Hello,
 >> 
 >> During interoperability tests on several IKE/IPsec
 >> implementations, we discovered different interpretations of the
 >> IKEv1 or IPsec specification.
 >> 
 >> Let's consider the following transform:
 >> 
 >> (1) [IP][data] ==(IPsec)==> [IP][AH][ESP][encrypted IP+data]
 >> 
 >> To negociate such transform as IKE-initiator, (2) some
 >> implementations send a QM proposal of AH_transport + ESP_tunnel
 >> (6WIND, KAME, OpenBSD...)  (3) some other implementations send a
 >> QM proposal of AH_tunnel + ESP_tunnel (FreeS/WAN, Cisco...)
 >> 
 >> If initiator and responder use different interpretations, the
 >> negociation fails most of the time.  These two different
 >> interpretations consequently lead to non-interoperable
 >> implementations.
 >> 
 >> IMHO only ESP is in tunnel mode in this transform, as opposed to
 >> AH which is in transport mode. But some implementors seem to
 >> consider that mode applies globally to the transform (AH+ESP).
 >> 
 >> Are (2) and (3) valid representations of transform (1) ?
 >> 
 >> /christophe

 Joern> The past few interops I've been to have addressed this issue
 Joern> over and over again.  The agreement was that (3) is correct.

 Joern> Some software may accept type (2) proposals are well, if they
 Joern> are responder.  But sending type (2) QM proposals is not
 Joern> allowed.

 Joern> The basic idea is that the attributes should be consistent
 Joern> over protocols.  You have the same lifetime for AH and ESP,
 Joern> you have the same PFS setting, and you should have the same
 Joern> tunnel/transport setting.

Interesting.  I thought it was the other way around (i.e., (2) is
correct) but I'm rusty.

So the consequence is that there is no way to request the following
encapsulation:
	[IP][AH][IP][ESP][encrypted IP+data]
in a single negotiation.

Yet another fine reason to let ESP do the whole job by itself... :-)

    paul

Follow-Ups:
- Re: divergent interpretations of IKE/IPsec - interop issues
  - From: Richard Guy Briggs <rgb@conscoop.ottawa.on.ca>

References:
- divergent interpretations of IKE/IPsec - interop issues
  - From: Christophe Gouault <christophe.gouault@6wind.com>
- Re: divergent interpretations of IKE/IPsec - interop issues
  - From: Joern Sierwald <joern@f-secure.com>

Prev by Date: Re: pre-shared key v RSA encryption or RSA signature authentication modes
Next by Date: RE: remove TS from IKEv2 (RE: Addresses in traffic selectors in IKEv 2)
Prev by thread: Re: divergent interpretations of IKE/IPsec - interop issues
Next by thread: Re: divergent interpretations of IKE/IPsec - interop issues
Index(es):
- Date
- Thread