I prefer the second proposal. I would rather have one (even if longer) variation of the protocol over two variations (even if one is shorter)
With such a possible attack published, auditors are going to force large installations to use the safer (and longer) version anyway, as it is up to the gateway to decide.

> -----Original Message-----
> From: ipsec-boun...@ietf.org [mailto:ipsec-boun...@ietf.org] On Behalf Of Paul Hoffman
> Sent: Wednesday, April 08, 2009 8:56 PM
> To: IPsecme WG
> Subject: [IPsec] Issue #98: 1 or two round trips for resumption
>
> Greetings again. Tracker issue #98 is the same as the message that Pasi sent to the mailing list last month; see
> <http://www.ietf.org/mail-archive/web/ipsec/current/msg04050.html>. There is disagreement among the authors of the session resumption draft how to deal with this issue.
>
> One proposal is to add text similar to Pasi's to the document in order to let implementers understand all the things that they might need to do to prevent damage from a replay attack. If this is the method chosen, it should probably be as a section in the main body of the document, not as a "security consideration" because the issues are more operational than security.
>
> A different proposal is to get rid of the one-round-trip mode and have the protocol always take two round trips. This prevents the attack that Pasi brings up, at a higher cost for the clients and server.
>
> If you have a preference between these two proposals, please state it now.
>
> --Paul Hoffman, Director
> --VPN Consortium
> _______________________________________________
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec
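The thread above argues about whether the session-resumption exchange needs a second round trip to stop a replayed resumption request from doing damage, or whether implementers can be told what state to keep instead. The following toy model is an added example, written for this page and not taken from the draft, the thread, or any IKEv2 implementation; its message layout, the `one_trip` / `one_trip_single_use` / `two_trip` modes, and the ticket format are this example's own assumptions. It runs a legitimate resumption, then has an attacker replay the captured first message, and reports how many SAs the gateway installed and whether the real client's SA survived.

```python
import base64
import hashlib
import hmac
import json
import os

# Constructed model of ticket-based resumption (not a real wire format).
TICKET_KEY = os.urandom(32)   # gateway's ticket-protection key (assumed)
TAG_LEN = 32


def make_ticket(client_id, resumption_key):
    # Gateway mints a ticket carrying the client id and resumption key,
    # MAC'd with TICKET_KEY. A real ticket would also be encrypted.
    body = json.dumps({"id": client_id, "k": resumption_key.hex()}).encode()
    tag = hmac.new(TICKET_KEY, body, hashlib.sha256).digest()
    return base64.b64encode(body + tag)


def open_ticket(ticket):
    raw = base64.b64decode(ticket)
    body, tag = raw[:-TAG_LEN], raw[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(TICKET_KEY, body, hashlib.sha256).digest()):
        return None
    d = json.loads(body)
    return d["id"], bytes.fromhex(d["k"])


class Gateway:
    # mode: "one_trip"            SA installed on the first message alone
    #       "one_trip_single_use" as above, but used tickets are remembered
    #       "two_trip"            client must answer the gateway's fresh nonce
    def __init__(self, mode):
        self.mode = mode
        self.sessions = {}     # client_id -> installed SA
        self.pending = {}      # client_id -> (nr, rk, ni) awaiting message 2
        self.consumed = set()  # hashes of redeemed tickets (single-use mode)
        self.installs = 0

    def install(self, cid, ni, nr):
        # A resumed SA replaces whatever SA that client already had.
        self.sessions[cid] = {"ni": ni, "nr": nr}
        self.installs += 1

    def msg1(self, ticket, ni):
        # Client -> gateway: ticket + client nonce. Returns gateway nonce or None.
        opened = open_ticket(ticket)
        if opened is None:
            return None
        cid, rk = opened
        if self.mode == "one_trip_single_use":
            h = hashlib.sha256(ticket).digest()
            if h in self.consumed:
                return None            # ticket already redeemed: reject replay
            self.consumed.add(h)
        nr = os.urandom(16)
        if self.mode == "two_trip":
            self.pending[cid] = (nr, rk, ni)   # nothing installed yet
        else:
            self.install(cid, ni, nr)          # SA is up after one message
        return nr

    def msg2(self, cid, auth):
        # Client -> gateway: proof of the resumption key over both nonces.
        p = self.pending.pop(cid, None)
        if p is None:
            return False
        nr, rk, ni = p
        expected = hmac.new(rk, ni + nr, hashlib.sha256).digest()
        if not hmac.compare_digest(auth, expected):
            return False
        self.install(cid, ni, nr)
        return True


class Client:
    def __init__(self, cid, ticket, rk):
        self.cid, self.ticket, self.rk = cid, ticket, rk
        self.last_msg1 = None   # what an on-path attacker could capture

    def resume(self, gw):
        ni = os.urandom(16)
        self.last_msg1 = (self.ticket, ni)
        nr = gw.msg1(self.ticket, ni)
        if nr is None:
            return False
        if gw.mode != "two_trip":
            return True
        auth = hmac.new(self.rk, ni + nr, hashlib.sha256).digest()
        return gw.msg2(self.cid, auth)


def simulate(mode):
    # Legitimate resumption, then the attacker replays the captured message 1.
    # Returns (SAs installed, whether the client's SA is still the one it made).
    gw = Gateway(mode)
    rk = os.urandom(32)
    alice = Client("alice", make_ticket("alice", rk), rk)
    assert alice.resume(gw)
    legit_nr = gw.sessions["alice"]["nr"]
    gw.msg1(*alice.last_msg1)   # attacker has no key, only the captured bytes
    return gw.installs, gw.sessions["alice"]["nr"] == legit_nr


if __name__ == "__main__":
    for mode in ("one_trip", "one_trip_single_use", "two_trip"):
        print(mode, simulate(mode))
```

In `one_trip` the replayed request is byte-for-byte what the real client sent, so a gateway that keeps no per-ticket state cannot tell it apart and installs a second SA, displacing the client's. `one_trip_single_use` stops that, but only because the gateway now remembers every redeemed ticket for the ticket lifetime, which is the sort of operational requirement the first proposal would have to spell out. In `two_trip` the gateway contributes a fresh nonce and installs nothing until the client proves the resumption key over both nonces, so the replay costs one pending entry and nothing else.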