I can see that manual keys are helpful for debugging, but otherwise I think they SHOULD NOT be used.
Russ On Dec 7, 2016, at 11:11 AM, Tero Kivinen <[email protected]> wrote: > The RFC4301 requires support for manual keys (section 4.5), but I hope > nobody really uses them. The rfc7321bis provides mandatory to > implement algorithms for the IKEv2 use, and does not really > specifically cover manual keys cases, but it does not really say that > manual keyed SAs are out of scope either (like it does say for IKEv1). > > The issue is that some of the conformance logo documents actually do > require manual keys, and to gain those logos implementors need to add > support for manual keyed SAs even when nobody is really going to use > them (i.e., adding support for manual keys for android VPN client > seems little stupid). > > On the other hand if you use the rfc7321bis requirements for also > manual keys, there is only one suggested cipher that can be used, > namely ENCR_AES_CBC. > > None of the counter mode ciphers are safe to use with manual keys, and > for example RFC4106 (AES-GCM) requires using automated key management. > The RFC4309 (AES-CCM) says that it "should not be used with statically > configured keys", and that "MUST use fress keys". RFC7634 > (Chacha20-poly1305) does not explictly say anything about manual keys, > but says it gets bitstring called KEYMAT from IKE... > > If we assume rfc7431bis can be used with manual keys too, we need to > add some more text saying these ciphers cannot be used with manual > keys. > > Anyways, I think it should be time to mark manual keys as SHOULD NOT. > We had it in 4301 as MUST to implement as we assumed that it could be > used to fill in keying material from other source than IKE to the > IPsec architecture. I do not think that is really happening, I think > those other automated key management systems will also generate > dynamic keys, and are feeding them in using similar APIs we have for > IKEv2. Also manual keys were useful when doing initial IPsec testing > in interops, but I have not used them for that purposes in last > decade or so... > > Perhaps we should add note to the rfc7431bis that manual keys SHOULD > NOT be used, and mark it as updating RFC4301? > > Or should we have separate RFC stating that? > > I do not want to change it to MUST NOT as that would require people to > remove parts of their implementations to stay complient, but on the > other hand I do not want people to wasting their time to implenting > interface to configure manual keys when nobody is going to use them. > -- > [email protected] > > _______________________________________________ > IPsec mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
