Hi Sam, Thanks for the queries. First off the draft is located at
http://tools.ietf.org/html/draft-manral-rpsec-existing-crypto-05 and details issues in security even after the current set of security mechanisms are in place. Some issues are well known in the security community like trying to discourage the use of MD5 and instead use HMAC-SHA1 and HMAC-MD5. We have already got drafts for the same to support them in OSPF and ISIS. The issue we have here is the requirement in IPsec of the deployment of authentication identities and credentials and having a authenticating infrastructure (trusted third-party) reachable even before any of the routes are learned. What I was proposing was to instead start off using IPsec in BTNS mode (with say a GTSM check for IKE packets as the authentication mechanism for IKE packets - and no 3rd aprty authentication) and learn routes. Once this happens an optional second level of stronger authentication can be done as all routes are now available (if it is so desired). So we get the complete IPsec security - except for the fact that we rely on TTL mechanisms for the IKE at the beginning. Do let me know what you think about the idea? Thanks, Vishwas On 9/30/08, Sam Hartman <[EMAIL PROTECTED]> wrote: >>>>>> "Vishwas" == Vishwas Manral <[EMAIL PROTECTED]> writes: > > Vishwas> We can also solve the problem similarly by something like > Vishwas> BTNS(ofcourse Multicast part needs to be thought further) > Vishwas> which does not necessarily require any certificate > Vishwas> verification - so we may have unauthenticated IKE SA's > Vishwas> but then all keys for the CHILD_SA from there are > Vishwas> automatically generated. > > > Let me see if I understand this approach correctly. I want to > interact with OSPF. Somehow there is a group key that is in use on my > link. In order to obtain this key, I exchange in an unauthenticated > BTNS-style exchange with someone, and as a result of that exchange, > obtain the key? > > First, who do I perform this exchange with? Anyone who currently holds the > key? > > Second, what threats does this protect against? > > Finally, one of the things we typically desire from BTNS-style > protocols is a way to turn them into higher-infrastructure protocols when > the infrastructure is available. Can I do that with your approach? How? > > _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
