
RE: Modefg considered harmful



Hi Derek,

See my comments below.


----------------------------------------------------------- 
As of February 12, 2003 Thomson unifies its email addresses on a worldwide
basis. Please note my new email address: dirk.vanaken@thomson.net


> -----Original Message-----
> From: Derek Atkins [mailto:derek@ihtfp.com]
> Sent: woensdag 12 februari 2003 18:33
> To: Van Aken Dirk
> Cc: ipsec@lists.tislabs.com; Scott G. Kelly
> Subject: Re: Modefg considered harmful
> 
> 
> Van Aken Dirk <VanAkenD@thmulti.com> writes:
> 
> > Hi Dereck ;-)
> 
> Close, but no cigar.  Try again..
> 
> > BTW, after 20 years of BOOTP/DHCP new options are still being defined
> > due to the ever changing network environment. Why would this not be
> > the case for IKEModeCfg ?
> 
> I'm not necessarily arguing for IKEModeCfg.  I'm arguing that IKE
> needs to be involved in the configuration process.

I can understand your argument in the sense that IKE is doing the
authentication of the identity and that somehow we want to bind this
identity to an inner IP address. But on the other hand, for static
configurations this binding is not performed. E.g., assume two SGWs talking
to each other, both proxying for static networks behind them. An IKE phase 1
is set up, authentication of identity is performed, phase 2 IDs are
exchanged and if these match SPD entries, the SAs are established. Spoofing
inner IP addresses can easily be accomplished in this situation too, don't
you think?

Why should the road warrior/dynamic IP case be more secure than the
SGW/static case ?
Of course we should try to achieve the most secure solution; however, IMHO it
might not be the main driver behind protocol choices. I agree that it might
influence this kind of choice marginally, no?

As an afterthought, we are more comfortable with static IP config and somehow
we intuitively attribute better security to this, and we even take fewer
precautions in static configurations.

<Trimmed>
> I'm just saying that you SHOULD NOT create an ESP tunnel for DHCP and
> then just use the results, because there is no binding of the IKE
> Phase-1 address to the results of the DHCP.
> 
> The one argument I have heard about why ModeCfg is better is that it
> is bounded.  Necessarily because it is only negotiating an IP address
> it can always complete in two messages.  Can you guarantee that DHCP
> will always complete in two messages?  in four?

I agree with you that as long as communication channels are insecure, a key
establishment protocol must use as few messages as possible to
arrive at a secure channel. As soon as the channel is secure, I'm less
concerned about how many messages are needed for full IP configuration.
Again, I agree with you that regarding IP address assignment IKEModeCfg is
more efficient compared to DHCP. However, I took a few traces and was a
little bit surprised about the amount of information that is also
distributed via IKEModeCfg messages. In the end both protocols might need
the same bandwidth.
> 
> Similarly, I see nothing wrong with ModeCfg just configuring the IP
> Address, and then using DHCP to obtain all the other configuration
> once the network is up.  Indeed, modecfg could even provide the dhcp
> address ;)

I guess there is consensus on this point; great! So at least let's make the
DHCP server attribute in IKEModeCfg a MUST implement, otherwise people
cannot rely on it.

Thanks - Dirk
> 
> -derek
> 
> -- 
>        Derek Atkins
>        Computer and Internet Security Consultant
>        derek@ihtfp.com             www.ihtfp.com
>