[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Multiple security mechanisms

To: Iljitsch van Beijnum <iljitsch@muada.com>
Subject: Re: Multiple security mechanisms
From: marcelo bagnulo braun <marcelo@it.uc3m.es>
Date: Wed, 9 Aug 2006 15:29:00 +0300
Cc: shim6-wg <shim6@psg.com>
In-reply-to: <3F3228B9-F0EF-4E2E-8177-E53A3409101C@muada.com>
References: <3F3228B9-F0EF-4E2E-8177-E53A3409101C@muada.com>

Hi Iljitsch,
El 09/08/2006, a las 14:11, Iljitsch van Beijnum escribió:

[BTW: I'm reposting three messages from last week that I don't thinkmade it to the list.]
How about the following to move forward in the dicussion on HBA/CGApatent issues and the need/want for other security mechanisms:
I still have to do a full review of the shim6 proto spec, but the wayI understand it, today, the security mechanism (HBA) is either anintegral part of the signalling, or it's encapsulated into the shim6signalling protocol.
What if we make this the other way around? So we isolate the shim6signalling from the security and then allow multiple securitymechanisms to encapsulate the signalling and send it over the wireusing appropriate mechanisms. For the current stuff this would looklike this:
[shim header][shim signalling][HBA/CGA]

or

[shim header][HBA/CGA][shim signalling]
The changes, if needed, should be minimal: just move the HBA/CGA stuffand the shim6 signalling to opposite ends of the packet so they can beeasily separated.

i think it would be possible to achieve something similar to what youare after with the current spec

The current spec defines the Locator List Option Format where thealternative locators are carried.Fro each of the locators contained in the list, there is a fieldcalled Verification Method that states which is the verificationmethod for this locator. So, for each verification method, you wouldneed additional verification information that needs to be conveyed inthe message. In the case of HBA/CGA, there are two options defined,namely, CGA Parameter Data Structure Option Format to carry theparameter data structure and the CGA Signature Option Format forcarrying signature information (in the case of CGA)

If we want to support a different security method, what we need to dois:-Define a value of the Verification Method field, so that we can includethe new verification method in the message (that is easy)

Define new options to carry additional information required by thesecurity method if required.

For the case of IPSec for instance, this wouldn't be necesary, i guess.If the packet passes the AH /ESP verification and the propercertificate or manually configured pre shared is in placed, then thelocator is validated.

Similar approach could be used with TLS i guess.

From the protocol perspective, adding this mechanisms is trivial. Iguess that the compexity is likely to be in the interaction between theprocesses in the host itself, but i would expect this to work

regards, marcelo

Then, if someone were to take it upon themselves to specify shim6 withTLS security or shim6 with IPsec security, that would look like this:
[tcp][tls([shim signalling])]

[esp([udp][shim6 signalling])]

[ah][udp][shim6 signalling]
Additionally, the TLS/IKE people can define extensions to theirprotocols to signal the capability to do shim6 and if both sidessupport it and the necessary prerequisites are met (certificates atboth ends, for instance), they can trigger a shim signalling exchangeprotected by TLS or IPsec so we wouldn't need to implement complexcapability negotiations in shim6, and if desired, the shim6 signallingcan be encrypted for additional security.

References:
- Multiple security mechanisms
  - From: Iljitsch van Beijnum <iljitsch@muada.com>

Prev by Date: Multiple security mechanisms
Next by Date: Re: IPsec Issue Discussed for Shim6 at IETF Meeting July 10, 2006
Previous by thread: Multiple security mechanisms
Index(es):
- Date
- Thread