Hello Alberto,
Answers inline.
On Fri, 9 Apr 2010, Alberto García wrote:
[...]
> Yes, I see the problem, good point.
> This may also occur for MIPv6 when a node switches from communicating with
> the MN to the Secure Proxy ND, and vice versa.
> I think the solution is to assume that timestamp checking must be performed
> independently for the different possible sources (the MN, the Secure Proxy
> ND, the MAG), i.e. process the timestamp of a message received for the first
> time from a proxy as if it were the first message of a communication.
> Therefore, I would replace rule 5 in 5.2.2 of draft-ietf-csi-proxy-send-03
> with two rules (which separate timestamp and nonce for the sake of clarity):
> "5. The Timestamp option MUST be processed as specified in
> [RFC3971] Section 5.3.4, except for replacing 'RSA Signature
> option' by 'PS option'. The receiver SHOULD store the peer-related
> timing information specified in [RFC3971] Section 5.3.4.1 and 5.3.4.2
> (RDlast, TSlast) separately for each different proxy (which can be
> identified by the different Key Hash values of the proxied message) and
> separately from the timing information associated to the IP of the node for
> which the message is proxied. In this way, a message received for the first
> time from a proxy (i.e. for which there is no information stored in the
> cache) SHOULD be checked as messages received from new peers (as in
> [RFC3971] section 5.3.4.2).
> 6. The Nonce option MUST be processed as specified in
> [RFC3971] Section 5.3.4, except for replacing 'RSA Signature
> option' by 'PS option'. "
> [...]
> I think it is not necessary to say that if the message is later received
> from the original host (not from the proxy), the Timestamp is checked with
> the time values specific to the host (not with the values specific to the
> proxy).
> I think this does not introduce new security considerations: on one hand,
> caches from previous sending nodes communicating don't need to be deleted,
> so old messages cannot be replayed; and on the other hand, security
> considerations on RFC 3971 section 9.2.5 apply to the messages sent for the
> first time from the proxies.
> What do you think?
I think this is OK (the wording and the solution). IMHO, having separate
(RDlast, TSlast) for each entity (be it proxy or proxied node) is the
right thing to do.
I also do not see any new security concerns here.
> | Or maybe I missed the part that says the clocks are implicitly
> | synchronised (or something else) ? Either way, could you clarify the
> | situation for me and maybe add some text in the draft about this ?
> I hope the previous solution is cleaner than requiring synchronization.
Yes, way cleaner. :)
Regards,
Tony
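As an added illustration of the rule discussed above (this is example code written for this page, not code from draft-ietf-csi-proxy-send or from RFC 3971), the following Python keeps the RFC 3971 section 5.3.4 timing state (RDlast, TSlast) per sending entity rather than per address. It assumes a cache key of (source address, Key Hash of the signing key), so a proxy signing with its own key gets an entry distinct from the node it proxies; it uses the RFC 3971 default values (DELTA 300 s, DRIFT 1 %, fuzz 1 s) and plain float seconds instead of the 64-bit fixed-point wire format. The scenario values in demo() are constructed.

```python
"""Per-entity SEND timestamp check (RFC 3971 section 5.3.4), with the cache
keyed per sending entity: the proxied node's own address gets one entry and
each proxy gets its own entry, identified by the Key Hash that signed the
proxied message.  Example code; constants are the RFC 3971 defaults."""
from dataclasses import dataclass
from typing import Dict, Tuple

DELTA = 300.0   # RFC 3971 default: max |RDnew - TSnew| accepted from a new peer
DRIFT = 0.01    # RFC 3971 default: 1 % relative clock drift tolerated
FUZZ = 1.0      # RFC 3971 default: 1 s allowance for delays

# Assumed cache key: (source address, Key Hash of the signing key).  A proxy
# that signs with its own key therefore never shares an entry with the node
# it proxies, even though both messages carry the same source address.
EntityKey = Tuple[str, bytes]


@dataclass
class PeerTiming:
    rd_last: float  # local reception time of the last accepted message
    ts_last: float  # Timestamp option value carried by that message


class TimestampChecker:
    def __init__(self) -> None:
        self.cache: Dict[EntityKey, PeerTiming] = {}

    def check(self, entity: EntityKey, rd_new: float, ts_new: float) -> bool:
        """Return True if the message passes the timestamp check; update the
        stored timing information as RFC 3971 section 5.3.4 prescribes."""
        entry = self.cache.get(entity)
        if entry is None:
            # RFC 3971 5.3.4.2: first message from this entity, so compare
            # the peer's clock against ours in absolute terms.
            if abs(rd_new - ts_new) >= DELTA:
                return False
            self.cache[entity] = PeerTiming(rd_new, ts_new)
            return True
        # RFC 3971 5.3.4.1: known entity, so the timestamp must have advanced
        # roughly as much as our own clock did since the last message.
        ok = ts_new + FUZZ > entry.ts_last + (rd_new - entry.rd_last) * (1 - DRIFT) - FUZZ
        if ok and ts_new > entry.ts_last:
            entry.rd_last, entry.ts_last = rd_new, ts_new
        return ok


def demo() -> Tuple[bool, bool]:
    """Constructed scenario: the MN talks first; later a proxy whose clock runs
    100 s behind the MN's takes over for the same address.  Returns
    (accepted when the proxy reuses the MN's entry,
     accepted when the proxy has its own entry)."""
    mn = ("2001:db8::1", b"mn-keyhash")        # constructed sample values
    proxy = ("2001:db8::1", b"proxy-keyhash")  # same address, different Key Hash

    # Shared entry: what a cache keyed by address alone would do.
    shared = TimestampChecker()
    shared.check(mn, rd_new=1000.0, ts_new=1000.0)
    shared_result = shared.check(mn, rd_new=1010.0, ts_new=910.0)

    # Separate entry: the proxy's first message is judged as a new peer.
    separate = TimestampChecker()
    separate.check(mn, rd_new=1000.0, ts_new=1000.0)
    separate_result = separate.check(proxy, rd_new=1010.0, ts_new=910.0)
    return shared_result, separate_result


if __name__ == "__main__":
    print(demo())  # (False, True)
```

With a shared entry the proxy's first message fails the relative check (911 is not above 1008.9), which is exactly the failure Alberto describes; with its own entry it passes the new-peer check (100 s is within DELTA). Because each entry is kept rather than deleted when the sender changes, a later replay of an old message from either entity still fails its own relative check.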
_______________________________________________
CGA-EXT mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/cga-ext