SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    IPS: Schedule and Security Update



    -- Schedule
    
    New set of milestones will be coming in the near future (this week,
    I hope).  We're not going to be able to meet the current milestones (main
    protocols finished and submitted to the IESG by the end of September).  A
    rough guess is that major technical work on the main protocols should be
    basically complete by the end of this year (i.e., the final set of technical
    issues should be on the Salt Lake City agenda for closure).  Security is a
    visible reason, and then there's the last 10% of the details that will
    take the proverbial "other 90%" of the time ...
    
    -- Security
    
    A number of thing have been happening in this area that may not be visible
    to everyone.  This section is all about iSCSI, although it also applies to
    FCIP and iFCP to the extent that they want to follow iSCSI's direction.  At
    the moment, iSCSI has open technical issues in (at least) the following four
    areas of security, all of which are potential discussion topics for the
    interim meeting (although the first one would be for clarification only -
    disputing that set of requirements is not a good use of meeting time).
    
    - Requirements
    
    The question of whether security could be optional for FCIP was brought to
    the IESG Plenary in London, and the result was a definitive "NO - security
    is a 'MUST implement'".  Between this and my discussion of the saag whyenc
    draft (draft-ietf-saag-whyenc-00.txt) with both our ADs and the one security
    AD who was in London, we should assume that the IESG will add
    confidentiality
    (i.e., encryption) to the current requirements that iSCSI, FCIP and iFCP
    "MUST implement" authentication and keyed cryptographic data integrity.
    
    - Keying and Rekeying
    
    iSCSI needs an automatic keying and rekeying mechanism (and it will be
    "MUST implement").  There are currently a couple of active proposals to
    do this:
    
    o Use SRP (or some other inband authentication protocol) to generate ESP
    	keying material.  See draft-black-ips-iscsi-security-00.txt, which
    	I hope to revise to -01 by the end of the week.  This draft also
    	contains a general discussion of security requirements.
    o Use IKE.  A draft on this should be coming on this in the next few days
    	from Bernard Aboba and a bunch of folks who have been working on
    this.
    
    Both of these proposals are headed in the direction of end-to-end security
    that would make it difficult to use an off-the-shelf IPsec security gateway
    to meet iSCSI's "MUST implement" security requirements.  The SRP approach
    generates the keys outside the gateway, and there's no standard protocol to
    insert the keys into the gateway, and the IKE draft wants to use transport
    mode ESP instead of tunnel mode (gateways generally use tunnel mode).  Based
    on discussions with Marcus Leech (security AD) and Steve Bellovin (IAB
    member and security expert), this end-to-end security direction is the
    preferred approach (vs. saying "just use IPsec gateways").
    
    - Algorithm Selection
    
    We need to select encryption and keyed MAC (keyed cryptographic integrity)
    algorithms.  This area is somewhat in flux, because a new generation of
    these
    algorithms is becoming usable - this is about using AES and UMAC instead of
    3DES and HMAC.  More details should be in the forthcoming IKE draft.  The
    new draft charter for the IPsec WG indicates that they intend to complete
    work on the drafts needed for these algorithms (and a draft to extend the
    ESP sequence number for high-speed implementations) in the next few months
    (and will take all the help they can get in generating those drafts).
    
    - Authentication
    
    We've been a bit vague on exactly what is being authenticated (e.g.,
    machine, user), and authentication requirements beyond the fact that
    we need authentication.  The two drafts noted above contain some material
    that makes a start in that direction, but some additional thought (and
    text) will be needed to ensure that we have the right authentication
    mechanisms specified/required.  In the case of IKE, this includes
    requirements on the relationship between iSCSI and IKE authentication
    if both are performed, fortunately Bernard Aboba worked on l2tp security
    which has some analogous issues.
    
    Thanks,
    --David
    
    ---------------------------------------------------
    David L. Black, Senior Technologist
    EMC Corporation, 42 South St., Hopkinton, MA  01748
    +1 (508) 435-1000 x75140     FAX: +1 (508) 497-8500
    black_david@emc.com       Mobile: +1 (978) 394-7754
    ---------------------------------------------------
    


Home

Last updated: Tue Sep 04 01:04:02 2001
6315 messages in chronological order