SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    IPS Security draft Last Call Comments



    Here are my IPS Security draft last call comments.  Overall, it's a
    nicely written draft - kudos to the authors and contributors.
    
    A quick glance at the normative references (and the fact that the main
    protocol drafts have to make a normative reference to the security draft)
    suggests that the security draft will be the center of an IPS draft
    "hairball" (a bunch of drafts that have to be published as RFCs at the
    same time, due to normative references) - this doesn't appear to be
    easily avoidable, but it looks like all of the drafts involved are
    quite close to done, with one exception ...
    
    -- Technical
    
    [1] AES Counter mode is not making good progress in the ipsec WG.  To avoid
    having this hold up everything, I propose the following approach:
    
    (1) Take the relevant IP Storage WG drafts through WG Last Call with the
    	AES Counter mode SHOULD as it currently stands (i.e., make no
    changes
    	to this now).
    (2) Put an item on the IPS Yokohama agenda (and further mailing list
    discussion)
    	about whether the fallback position (if we have to take out the
    	AES Counter mode reference) should be AES CBC or just deleting AES.
    (3) Defer the actual decision on whether to remove the AES Counter reference
    	until later this year - the mechanism to make this change would be
    	a comment submitted to the IETF Last Call.
    
    Don't panic ... this should not impact the time required to get the IPS
    drafts out as RFCs.  In some sense this is a Last Call "Non-comment" as
    I'm proposing to defer this issue to IETF Last Call, but work out in
    advance how it will be dealt with.
    
    [2] p.13: Section 2.3.3 IKE
    
    I have a concern with the following text:
    
      The Phase 2 Quick Mode exchanges used by IP block storage protocol
      implementations MUST explicitly carry the Identity Payload fields (IDci
      and IDcr).  Each Phase 2 IDci and IDcr Payload SHOULD carry a single IP
      address (ID_IPV4_ADDR, ID_IPV6_ADDR) and a single non-zero port number,
    
    The "and a single non-zero port number" wording applies a SHOULD
    to a finer granularity of SAs than we might like - for a simple situation
    of one Initiator, one Target, dynamically allocated Initiator TCP ports and
    a single Target contact port, the result is that the Initiator SHOULD use
    an SA per connection, whereas the Target MAY use a single SA to span all
    connections.  I suggest just deleting the "and a single non-zero port
    number" wording to remove this asymmetry as a SHOULD for using a dynamically
    allocated port as an identifier doesn't make a lot of sense.  Requiring
    IDcr to be a single port in this sort of situation is somewhat more
    justifiable, but I don't think it's necessary.
    
    If that change is made, the "MUST" does not appear to be necessary,
    as RFC 2409, Section 5.5 says:
    
       The identities of the SAs negotiated in Quick Mode are implicitly
       assumed to be the IP addresses of the ISAKMP peers, without any
       implied constraints on the protocol or port numbers allowed, unless
       client identifiers are specified in Quick Mode.
    
    I would rephrase the text to say "If the Phase 2 Quick Mode exchanges used
    by IP block storage protocols carry the Identity Payload ..." and
    possibly add a comment if security policy requires restricting the
    identity to a single port, then the corresponding Identity Payload must
    be used.
    
    [3] p.21 SLPv2 security implications
    
    I suggest expanding the paragraph starting with:
    
      This can be accomplished by restricting the issuance of certificates
      valid for use in SLPv2 service advertisement.
    
    This paragraph describes the approaches of using a different CA to
    issue certificates valid for SLPv2 and putting explicit SLPv2 authorizations
    into the certificates.  Both of these involve certificates that may be
    specific to SLPv2.  An approach that avoids this would be to record the
    identities allowed in each client that uses SLPv2 - this is primarily
    useful when DAs are used, as one would then only need to record the
    allowed identities of the DAs and trust the DAs to enforce policies
    about who can register what with them.  This approach is of interest
    only because it avoids certificate customization for SLPv2.
    
    [4] p.25: Section 2.6.4 iSNS Server Implementation Requirements
    
    The following text appears to have been overlooked in the changes
    after Minneapolis:
    
      The implementation
      MUST conform to [RFC2401] requirements for support of ESP in transport
      mode.  Section 4.1 of [RFC2401] states:
    
         a) A host MUST support both transport and tunnel mode.
         b) A security gateway is required to support only tunnel
            mode.  If it supports transport mode, that should be used
            only when the security gateway is acting as a host, e.g.,
            for network management.
    
    It should be replace with "MAY support transport mode" or the equivalent.
    
    [5] p.25: Section 2.6.4 iSNS Server Implementation Requirements
    
      Manual keying SHOULD NOT be used
      since it does not provide the necessary rekeying support.
    
    I think this should be rephrased to talk about consistency with
    the IP Storage protocols that iSNS provides information for.  The
    issue leading to the SHOULD NOT for manual keying is that IP Storage
    protocols can be expected to send data in high volumes, thus using
    up sequence number space and the like at a fairly rapid clip.  iSNS
    is not going to be sending a lot of data, and if we were considering
    only iSNS in isolation, manual keying might be defensible.  Overall,
    I think the "SHOULD NOT" is correct, but it needs to be justified
    via consistency of policies/mechanisms in an IP Storage infrastructure.
    
    [6] p.31, last paragraph before Section 4:
    
         Note that if both ends of the connection are on the same segment,
         then traffic will be effectively protected by the layer 2 CRC, so
         that negotiation of the iSCSI CRC is not necessary.
    
    Please add "to protect against NIC and network errors, although it may
    be desirable for other reasons (e.g., [1] and [2] above)." to the end of
    the sentence.
    
    --Editorial
    
    p.11, second bullet:
    
        These sizes are
        intended as rough order of magnitude guidance, and should not be
        taken as hard Targets or limits (e.g., smaller code sizes are
        always better).
    
    "Targets" should be lower case "targets".
    
    p.27, top of page:
    
        An iSCSI session [iSCSI], comprised of one or more TCP connections, is
        identified by the 2-tuple of the Initiator-defined identifier and the
        Target-defined identifier, <ISID, TSID>.  
    
    TSID has been renamed TSIH, just change it, don't ask ... and there are
    additional TSID occurrences elsewhere in the draft that need this change.
    
    p.30, 3rd paragraph in Section 3.6:
    
        IPsec offers protection against an attacker attempting to modify packets
        in transit, as well as unintentional packet modifications caused by
        router malfunctions.
    
    Change "router malfunctions" to "network malfunctions or other errors" for
    generality.
    
    p.30, next sentence
    
        In general, IPsec authentication transforms afford
        stronger integrity protection than both the 16-bit TCP checksum and the
        32-bit application-layer CRC that has been proposed for use with iSCSI.
    
    Change "has been proposed" to "is specified".
    
    Thanks,
    --David
    
    ---------------------------------------------------
    David L. Black, Senior Technologist
    EMC Corporation, 42 South St., Hopkinton, MA  01748
    +1 (508) 249-6449 *NEW*      FAX: +1 (508) 497-8500
    black_david@emc.com         Cell: +1 (978) 394-7754
    ---------------------------------------------------
    


Home

Last updated: Fri Jun 28 17:18:48 2002
11014 messages in chronological order