Benjamin Schwartz writes:
> On Mon, Feb 20, 2023 at 4:58 PM Michael Richardson wrote:
>
> Tero Kivinen wrote:
> > I mean what should other end do if the other end says he will not
> > do anti-replay checks?
>
> Not send unique replay values in the ESP.
>
> Yes but mos
Michael Richardson writes:
> Tero Kivinen wrote:
> > I mean what should other end do if the other end says he will not
> > do anti-replay checks?
>
> Not send unique replay values in the ESP.
You can already do that on multicast SAs, but for unicast SAs the
RFC4303 mandates the unique seq
On Thu, Feb 23, 2023 at 7:13 AM Steffen Klassert <steffen.klass...@secunet.com> wrote:
> On Tue, Feb 21, 2023 at 12:45:27PM -0500, Benjamin Schwartz wrote:
>
...
> > Reusing sequence numbers is extremely unsafe in ESP. Most notably, AES-GCM
> > fails entirely and **leaks the shared secret** i
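The AES-GCM failure mode raised in the quoted message, as an added example that is not code from the thread or from any IPsec stack: AES-GCM encrypts with AES in counter mode under (key, IV), RFC 4106 requires that the IV never repeat for a given key, and ESP implementations commonly derive it from the sequence number. To stay standard-library only, the counter-mode keystream below is produced by HMAC-SHA256 instead of AES (a stand-in, labelled as such in the code); the consequence of a repeated sequence number is the same: two ciphertexts under the same (key, IV) XOR to the XOR of their plaintexts, so one known plaintext reveals the other. The seq-to-IV mapping, the key and the payloads are constructed for the demo. Recovery of the GHASH authentication key, which IV reuse in GCM also enables, is not modelled here.

```python
"""Added example: what a repeated ESP sequence number does to a counter-mode AEAD.

The keystream generator uses HMAC-SHA256 as a stand-in for AES-CTR (the
encryption half of AES-GCM) so that the script needs only the standard library.
The keystream-reuse property demonstrated is identical for the real cipher.
"""
import hashlib
import hmac


def keystream(key, iv, length):
    """Counter-mode keystream: block i = HMAC-SHA256(key, iv || i). Stand-in for AES-CTR."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, iv + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def xor(a, b):
    """Byte-wise XOR of two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("inputs must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def esp_encrypt(key, seq, plaintext):
    """Encrypt one ESP payload. The 8-byte IV is derived from the 32-bit sequence
    number (constructed mapping; RFC 4106 only requires the IV be unique per key)."""
    iv = seq.to_bytes(8, "big")
    return xor(plaintext, keystream(key, iv, len(plaintext)))


def recover_with_known_plaintext(c1, p1, c2):
    """If c1 = p1 ^ ks and c2 = p2 ^ ks under the same (key, IV), then p2 = c1 ^ c2 ^ p1."""
    return xor(xor(c1, c2), p1)


# Constructed inputs: a fixed demo key and two equal-length payloads.
KEY = hashlib.sha256(b"constructed demo key, not a real SA key").digest()
KNOWN = b"GET /probe HTTP/1.1 known-plaintext"   # payload the observer already knows
SECRET = b"Authorization: Bearer s3cr3t-token!"  # victim payload, same length


def ciphertexts_leak_plaintext_xor(seq_known, seq_secret):
    """True iff c_known ^ c_secret == KNOWN ^ SECRET, i.e. the keystream was reused."""
    c_known = esp_encrypt(KEY, seq_known, KNOWN)
    c_secret = esp_encrypt(KEY, seq_secret, SECRET)
    return xor(c_known, c_secret) == xor(KNOWN, SECRET)


def attack(seq_known, seq_secret):
    """Return what a passive observer recovers for SECRET using KNOWN as a crib."""
    c_known = esp_encrypt(KEY, seq_known, KNOWN)
    c_secret = esp_encrypt(KEY, seq_secret, SECRET)
    return recover_with_known_plaintext(c_known, KNOWN, c_secret)


if __name__ == "__main__":
    print("seq reused  :", attack(7, 7))  # SECRET recovered byte for byte
    print("seq distinct:", attack(7, 8))  # unrelated bytes
```

The point for the thread: a receiver that does not check replays loses nothing cryptographically, but a sender that stops producing unique sequence numbers on an AES-GCM SA (or any counter-mode AEAD keyed per SA) is handing out the keystream, which is why the sender's side of RFC 4303 is not negotiable.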
On Tue, Feb 21, 2023 at 12:45:27PM -0500, Benjamin Schwartz wrote:
> On Mon, Feb 20, 2023 at 4:58 PM Michael Richardson wrote:
>
> > Tero Kivinen wrote:
> > > I mean what should other end do if the other end says he will not
> > > do anti-replay checks?
> >
> > Not send unique relay valu
On Mon, Feb 20, 2023 at 4:58 PM Michael Richardson wrote:
> Tero Kivinen wrote:
> > I mean what should other end do if the other end says he will not
> > do anti-replay checks?
>
> Not send unique replay values in the ESP.
>
Yes but mostly for AH. My goal is related to draft-xu-risav, w
Tero Kivinen wrote:
> I mean what should other end do if the other end says he will not
> do anti-replay checks?
Not send unique replay values in the ESP.
___
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
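The sender/receiver asymmetry this thread turns on, as an added example that is not code from any of the posters or from an IPsec implementation: the sender increments its per-SA sequence number for every packet and refuses to let it cycle, as RFC 4303 section 3.3.3 requires for unicast SAs, while the receiver's anti-replay window is a purely local decision that can be switched off without anything changing on the sending side. The window is a bitmap over the last `window` sequence numbers in the style of RFC 4303 Appendix A; the class and function names and the replayed packet are my own.

```python
"""Added example: ESP sequence-number handling on each side of a unicast SA.

Sender side follows RFC 4303 section 3.3.3: the counter starts at 0, every
packet carries the next value, and the SA must be rekeyed rather than let the
counter cycle. Receiver side is a sliding anti-replay window (RFC 4303
section 3.4.3 / Appendix A style bitmap); whether it is enforced at all is
the receiver's local choice.
"""


class EspSender:
    """Outbound SA: one strictly increasing 32-bit sequence number per packet."""

    MAX_SEQ = 0xFFFFFFFF  # 32-bit counter (ESN not modelled)

    def __init__(self):
        self.seq = 0  # first packet on the SA carries sequence number 1

    def next_seq(self):
        """Return the sequence number for the next packet; never reuses or wraps."""
        if self.seq == self.MAX_SEQ:
            # RFC 4303: MUST NOT send a packet that would cycle the counter.
            raise RuntimeError("sequence number would cycle; rekey the SA")
        self.seq += 1
        return self.seq


class EspReceiver:
    """Inbound SA with a sliding anti-replay window over the last `window` seqs."""

    def __init__(self, window=64, enabled=True):
        if window < 32:
            raise ValueError("RFC 4303 requires a window of at least 32")
        self.window = window
        self.enabled = enabled  # False models a receiver that does no replay checks
        self.top = 0            # highest sequence number accepted so far
        self.bitmap = 0         # bit i set <=> sequence number (top - i) was seen

    def accept(self, seq):
        """True if the packet is fresh (or checking is off); False if replayed/too old.

        In a real implementation this runs after integrity verification, so that
        forged sequence numbers cannot advance the window.
        """
        if not self.enabled:
            return True
        if seq == 0:
            return False  # 0 is never a valid ESP sequence number
        mask = (1 << self.window) - 1
        if seq > self.top:
            # Slide the window forward; everything older than `window` falls off.
            shift = seq - self.top
            self.bitmap = (self.bitmap << shift) & mask if shift < self.window else 0
            self.bitmap |= 1
            self.top = seq
            return True
        diff = self.top - seq
        if diff >= self.window:
            return False  # left of the window: too old to be checked, drop
        if self.bitmap & (1 << diff):
            return False  # already seen inside the window: replay
        self.bitmap |= 1 << diff  # late but genuine, mark as seen
        return True


def simulate(receiver_checks=True):
    """Send packets 1..5, then replay packet 3; return (seq, accepted) per delivery.

    The sender's behaviour is identical whether or not the receiver checks.
    """
    tx = EspSender()
    rx = EspReceiver(window=64, enabled=receiver_checks)
    on_wire = [tx.next_seq() for _ in range(5)]
    on_wire.append(3)  # constructed replay of an earlier packet
    return [(seq, rx.accept(seq)) for seq in on_wire]


def cycle_refused():
    """True if a sender at the 32-bit maximum refuses to send rather than wrap."""
    tx = EspSender()
    tx.seq = EspSender.MAX_SEQ
    try:
        tx.next_seq()
    except RuntimeError:
        return True
    return False


if __name__ == "__main__":
    print("checking receiver    :", simulate(True))
    print("non-checking receiver:", simulate(False))
    print("sender refuses to cycle:", cycle_refused())
```

Note that `EspSender` has no knob at all: a peer announcing that it will not check replays gives the sender nothing to act on, which is the practical answer to the question quoted above.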
Benjamin Schwartz writes:
> Hi IPSECME,
>
> RFC 4302 (ESP) says "if an SA establishment protocol such as IKE is employed,
> the receiver SHOULD notify the sender, during SA establishment, if the
> receiver will not provide anti-replay protection".
>
> I haven't been able to find any mechanism for
> > Another approach would be to generalize the Transform Type 5
> > as the way to control the replay protection status
> > (see draft-ietf-ipsecme-g-ikev2-07, Section 2.6.)
>
> I guess that depends on what implementations do when seeing a
> Transform Type 5 value with bit 1 set. Would we really w
On Fri, 17 Feb 2023, Valery Smyslov wrote:
In IPsec the replay protection is a local matter of receiver,
the sender must always increment the Sequence Number as if
the replay protection is always on.
Right.
Another approach would be to generalize the Transform Type 5
as the way to control th
Hi,
> > Hi IPSECME,
> >
> > RFC 4302 (ESP) says "if an SA establishment protocol such as IKE is
> > employed, the receiver SHOULD notify the sender, during SA establishment, if the
> > receiver will not provide anti-replay protection".
> >
> > I haven't been able to find any mechanism for this
> On Thu, 16 Feb 2023, Benjamin Schwartz wrote:
>
> > Subject: [IPsec] Disabling replay protection
> >
> > Hi IPSECME,
> >
> > RFC 4302 (ESP) says "if an SA establishment protocol such as IKE is
> > employed, the receiver SHOULD notify the sender, duri
On Thu, 16 Feb 2023, Benjamin Schwartz wrote:
Subject: [IPsec] Disabling replay protection
Hi IPSECME,
RFC 4302 (ESP) says "if an SA establishment protocol such as IKE is employed,
the receiver SHOULD notify the sender, during SA establishment, if the
receiver will not provide anti-r
Hi IPSECME,
RFC 4302 (ESP) says "if an SA establishment protocol such as IKE is
employed, the receiver SHOULD notify the sender, during SA establishment,
if the receiver will not provide anti-replay protection".
I haven't been able to find any mechanism for this in IKEv2 (or IKEv1). Is
there a w