At 11:14 AM -0700 1/5/10, Grewal, Ken wrote:
Yes to both, based on arguments already discussed numerous times in the WG via presentations, 12 iterations of the draft and multiple WG last calls + AD reviews!

The main motivation for extending the ICV was to counter some of the issues originally raised by Steve Kent - malicious entities modifying portions of the WESP header to bypass legitimate parsing of the packet by Trusted Intermediary (TI) devices such as IDS/IPS/etc. This can be addressed by the recipient explicitly validating the WESP header before accepting the packet or implicitly by including the WESP header as part of the ICV check.

My recollection is that I identified a vulnerability that arose because of the potential for a mismatch between what a TI checked and what the receiver acted upon, irrespective of how that mismatch arose. I think I suggested that this vulnerability might be remedied by requiring the receiver to verify that the WESP header info was consistent with what the receiver was acting upon, as part of WESP processing. The current I-D calls for this check to be performed by the recipient. Above you state that:

"This can be addressed by the recipient explicitly validating the WESP header before accepting the packet or implicitly by including the WESP header as part of the ICV check."

I disagree with the "or" in this sentence, for two reasons. First, the I-D calls for the receiver to perform the consistency check, so it's not an "or." Second, it would not suffice to perform JUST the ICV check you described, since that would not address the possibility that the sender created the misleading WESP header.

The motivation for allowing WESP to be used for encrypted data was brought up as a consistency argument and also allows for future extensibility in a uniform manner. I agree that this was not part of the original charter, as shown in the earlier revisions of the WESP drafts.

It appears that we agree that it was out of scope (although others do not), and that the principle motivation cited was to allow for extensions. The phrase :in a uniform manner" is, I believe, shorthand for extensions that apply to encrypted traffic, right?

BUT, this was discussed numerous times within the WG (including an open ticket on scope) and it was agreed that this would be a useful bit to include in the flags, hence introduced in the latter revisions of the draft.

I have already admitted that I lost track of this aspect of the discussion, among all of the ticket items that the WG has processed. (BTW, I congratulate Paul and Yaron for doing a very good job of managing such a large number of issues in a detailed fashion. The fact that I, and maybe a few other folks, lost track of the details on one of the many items being worked is not a reflection on the management style that have employed.)

When I re-read the I-D during IETF last call, I was surprised to learn that ESP processing had been changed, so cause the ICV to cover non-ESP fields. This seems to be unnecessary and it is a bad design, in my opinion.

Note that this does not mandate using WESP for encrypted traffic, but allows it as optional and can be dictated as part of the session setup based on local policy. Another benefit may be that in running mixed mode environments (encrypted + ESP_NULL traffic), it allows for an explicit distinction from the packet that certain traffic is encrypted and other traffic is not. Otherwise, one would use ESP and WESP in these mixed mode environments and to be absolutely sure if ESP traffic is encrypted or not, would need to fall back to heuristics, which somewhat defeats the object of having this spec.

If local policy can be used to dictate whether WESP is or is not used for encrypted traffic, then that policy also can dictate that ESP is used only for encrypted traffic. Even in an environment where some but not all hosts support WESP, I don't see the need for this flag. A host that is WESP capable need not use WESP for encrypted traffic; it can use ESP. if so, then ITs see three classes of traffic:
        - encrypted using ESP
        - integrity-protected using WESP
        - integrity-protected using ESP

The third class of traffic poses a problem for the ITs, but adding the encrypted flag to WESP does not seem to address that problem.

Steve
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec

Reply via email to