David Schinazi writes: > Here is proposed charter text for the "Mitigating privacy concerns" > section:
As there has not been any support for this item in the mailing list I do not think we will be adding it in the charter this time. > IKEv2 is currently vulnerable to the two following privacy concerns: > > 1) It's not possible to run a server that obfuscates IKEv2/IPsec > using TLS. Today thanks to RFC 8229 it is possible to run an > IKEv2/IPsec server on TCP port 443 with TLS. However if a > government agent tries to send an SA_INIT over that it will > discover that this server runs IKEv2/IPsec, and may blacklist > it. We should add a mechanism to IKEv2 that allows the server to > only respond to SA_INIT from known entities (e.g. that possess a > shared secret). > > 2) The privacy of the initiator's identity in the presence of a man > in the middle attacker is not protected Today an attacker with > full control of the network can receive the IDi/IDr sent by the > initiator in the first AUTH packet. We should add a mechanism to > IKEv2 that allows the initiator to only send IDi/IDr to known > entities (e.g. that possess a shared secret). -- [email protected] _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
