Hi Paul: >> It is more fragile too. You must perform periodical rekey (update keys) >> and this must be done synchronously. All the rekey problems that were >> solved by IKE will arise again. > > Indeed! For example, if the ESP algorithm is an AEAD, and the endpoint > reboots, and the central unit re-issues the same key,
[Rafa] Just a clarification, the central unit (Security Controller) will never re-issue the same key (it is pseudo-randomly generated by the controller) Moreover the controller will know when to do the rekey and the end point the requires it. We have those notifications (expires) in our YANG model for this reason. > the endpoint will > re-start the GCM counter at 1, thereby compromising the security and in > effect leaking the private key. > > IKE is a lot more then just a channel to shove private keys and > src/dst policies to endpoints. I would much rather see a minimal-IKEv2 > implementation then this "non-IKE" style solution. > > Paul > > _______________________________________________ > I2nsf mailing list > i2...@ietf.org > https://www.ietf.org/mailman/listinfo/i2nsf ------------------------------------------------------- Rafa Marin-Lopez, PhD Dept. Information and Communications Engineering (DIIC) Faculty of Computer Science-University of Murcia 30100 Murcia - Spain Telf: +34868888501 Fax: +34868884151 e-mail: r...@um.es -------------------------------------------------------
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec