[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Rekey of IKE-SA

To: "David Faucher" <dfaucher@lucent.com>
Subject: Re: Rekey of IKE-SA
From: Charlie_Kaufman@notesdev.ibm.com
Date: Mon, 25 Nov 2002 21:09:04 -0500
Cc: ipsec@lists.tislabs.com, owner-ipsec@lists.tislabs.com
In-Reply-To: <00b001c294a7$27705e00$23f22b42@mv.lucent.com>
Sender: owner-ipsec@lists.tislabs.com

David Faucher wrote:
> I believe IMHO, that there needs to be a mechanism for
> avoiding a collision on an IKE-SA rekey. In its absence
> nodes may end up assigning ownership of the child-SAs to
> different IKE-SAs.
>
> This subject has been brought up before (May 2002) but
> without a firm resolution.

What would you recommend. At the suggestion of someone I
talked with at IETF, I added language suggesting that if
you find yourself with redundant SAs that you should wait
a random amount of time (for jitter) and then close one.
I was about to claim that a probabilistic solution was the
best you could do when it occurred to me that we could do
better. We could say that if both ends try to rekey at once,
the SA with the smallest nonce (of the four nonces) should
be closed. Technically, it's still a probabilistic solution,
but the probability of a nonce collision should be
vanishingly small.

          --Charlie

Opinions expressed may not even be mine by the time you read them, and
certainly don't reflect those of any other entity (legal or otherwise).

References:
- Rekey of IKE-SA
  - From: "David Faucher" <dfaucher@lucent.com>

Prev by Date: IKEv2 use of HMAC-SHA-1 for Key Derivation
Next by Date: Re: IKEv2 use of HMAC-SHA-1 for Key Derivation
Prev by thread: Re: Rekey of IKE-SA
Next by thread: IKE header
Index(es):
- Date
- Thread