Disclaimer: I mostly agree with the need for extra SeND/CGA work;
these comments are the delta that I do not agree with :)

On 2.6.2007, at 0.42, marcelo bagnulo braun wrote:
> - Extensions to the IKEv2 protocol to create IPSec SAs associated to
> the CGA key. Because of their cryptographic nature, CGAs are
> inherently bound to the key pair that was used for their generation.
> This is used in existent protocols for proving address ownership.
> However, it would be possible also to use this cryptographic material
> to create a security association between peers. The key benefit of
> such an approach is that it allows the creation of a security association
> that is cryptographically bound to the IP address of the end points
> without dependence on a common trust anchor point, e.g. PKI. Such an
> approach would provide additional protection compared to the
> opportunistic approaches. The proposed work will produce an analysis
> of this type of solution and the required extensions to CGAs and to
> the IKEv2 protocol in order to be able to create IPSec SAs using the
> CGA keys.

Maybe it is just a matter of wording, but the additional protection
compared to opportunistic approaches seems slim to me. Certainly, you
have CGA-IP as the bound entity as opposed to someone on the return-routing
path, but you still don't have the faintest idea who is using the IP. And
I thought that (for the most part) security authorization issues required
something concrete to be identified (whether it is a machine, or a user
of the machine), and not just 'oh, he went through the CGA process to get
that IP'.

> - DHCP support for CGAs. An analysis of possible approaches to allow
> the usage of the DHCP protocol to assign CGAs will be produced. The
> output of the analysis will be an informational document describing
> the recommended approaches that will be provided as an input to the
> DHC working group where the actual DHCP extensions needed for the
> recommended approaches will be defined.

DHCP and security shouldn't be mixed - for laughs, look at the
current DHCPv6... It basically assumes that all network links DHCPv6
is used on are trusted, and effectively due to that anyone on the
server-relay or relay-client legs could 'acquire' the CGA
information if you really pushed the address+key tuple that way.

I don't see a single good reason for standardizing that but multiple
reasons why not to. If someone really cares, I can provide the
reasons off-band :)

Cheers,
-Markus
_______________________________________________
Int-area mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/int-area
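
The address-to-key binding that the quoted charter text relies on can be seen in the RFC 3972 generation and verification checks, sketched here as an added example that is not part of the original message or of any project's code. It assumes Sec = 0, takes the subnet prefix from the address itself, omits extension fields, and uses constructed byte strings in place of DER-encoded public keys; the function names are hypothetical.

```python
import hashlib
import os

MASK = 0x1CFFFFFFFFFFFFFF  # RFC 3972: ignore the 3 Sec bits and the u/g bits


def _hash1(modifier, prefix, collision_count, pubkey):
    # Hash1 input: modifier | subnet prefix | collision count | public key
    data = modifier + prefix + bytes([collision_count]) + pubkey
    return int.from_bytes(hashlib.sha1(data).digest()[:8], "big")


def generate_cga(prefix, pubkey):
    """Sec = 0 generation: random modifier, collision count 0, no Hash2 search."""
    modifier = os.urandom(16)
    iid = _hash1(modifier, prefix, 0, pubkey) & MASK  # Sec bits stay 000
    return prefix + iid.to_bytes(8, "big"), modifier


def verify_cga(address, modifier, collision_count, pubkey):
    """Receiver-side check that the address was derived from this public key."""
    if len(address) != 16 or len(modifier) != 16 or collision_count not in (0, 1, 2):
        return False
    prefix, iid = address[:8], int.from_bytes(address[8:], "big")
    sec = iid >> 61
    if (_hash1(modifier, prefix, collision_count, pubkey) & MASK) != (iid & MASK):
        return False
    # Hash2: the leftmost 16*Sec bits must be zero (always true for Sec = 0).
    hash2 = hashlib.sha1(modifier + bytes(9) + pubkey).digest()[:14]
    return int.from_bytes(hash2, "big") >> (112 - 16 * sec) == 0


def demo():
    prefix = bytes.fromhex("20010db800000000")  # 2001:db8::/64, documentation prefix
    key_a = b"constructed-placeholder-public-key-A"  # constructed, not a real key
    key_b = b"constructed-placeholder-public-key-B"  # constructed, not a real key
    addr_a, mod_a = generate_cga(prefix, key_a)
    addr_b, mod_b = generate_cga(prefix, key_b)
    return (verify_cga(addr_a, mod_a, 0, key_a),  # key the address came from: accepted
            verify_cga(addr_a, mod_a, 0, key_b),  # a different key: rejected
            verify_cga(addr_b, mod_b, 0, key_b))  # any key holder can derive its own CGA


if __name__ == "__main__":
    print(demo())
```

A successful check shows only that the address was derived from the presented key; nothing in the inputs identifies a machine or user.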