On 07/07/2010, at 12:59 PM, Rob Austein wrote:

> At Wed, 7 Jul 2010 10:35:09 +1000, Geoff Huston wrote:
>>
>> As I recall TLS was used as a convenient mechanism to prevent forms
>> of replay attacks.
>
> That was indeed the theory back in the day. In practice, the way we
> ended up using TLS does not provide any replay protection worth
> mentioning, as discussed on this list back in late April.
>
>> What protection is provided against replay attacks in the absence of
>> TLS?
>
> Again, discussed on this list in late April. In brief: at the moment
> we have no replay protection, adding it would not be hard, and
> removing TLS wouldn't make it any harder.
Discussed in November and April as far as I can see:

Steve Kent: 3 November 2009

"My recollection differs somewhat. I think what Russ and I suggested was using TLS to enable session-level protection, which includes two-way authentication at the time of session creation (as an input to access control for the server), session integrity (i.e., dropped or re-ordered packets are detectable), and session authentication (i.e., all packets belonging to the same session are verified as such). Anti-replay at the session level and within a session are two facets of this protection suite."

Steve Kent: 4 November 2009

"I understand your comment that HTTP per se has no real session flavor. Not surprising since it was designed to support stateless query/response exchanges. That was changed as cookies were added to enable better support of state, without changing the base protocol in a fundamental way. I am not enough of an HTTP guy to know what are appropriate ways to get the session flavor that we want, taking advantage of the TLS/HTTPS combination. I'm tempted to suggest use of IPsec, but I'm biased :-)."

Russ Housley: 28 April 2010

"This seems quite reasonable to me." ["This" is referring to dropping of TLS]

hmmm - I'm not sure that there was any clarity of resolution so far in terms of the traffic on the mailing list.

I also have not seen any alternate approach to replay protection on the WG mailing list other than your assertion that "adding it would not be hard". It would help me (and maybe other WG folk) to understand the degree of difficulty here if we were to move on from such assertions and looked at specific mechanisms that would provide such replay protection.
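To make the kind of mechanism the thread is asking for concrete, the following is an added example (not code from the original thread, from any of its participants, or from any SIDR draft's wire format) of application-level anti-replay for a request stream, in the spirit of the session-level protection Steve Kent describes: each request carries a session id, a monotonically increasing sequence number and an HMAC under a session key assumed to come from the mutually authenticated session setup, and the receiver rejects replays and re-ordered messages and flags gaps where messages were dropped. The message layout, the session key and the `sign`/`ReplayChecker` names are assumptions made for this example.

```python
import hmac
import hashlib
import struct
from dataclasses import dataclass
from typing import List, Tuple

# Constructed demo key; assumed to be derived during the mutually
# authenticated session setup, which this example does not implement.
SESSION_KEY = b"constructed-demo-key-not-for-real-use"

SID_LEN, SEQ_LEN, TAG_LEN = 16, 8, 32


def sign(key: bytes, session_id: bytes, seq: int, body: bytes) -> bytes:
    """Hypothetical format: session_id(16) || seq(8, big-endian) || body || HMAC-SHA256 tag(32)."""
    hdr = session_id + struct.pack(">Q", seq)
    tag = hmac.new(key, hdr + body, hashlib.sha256).digest()
    return hdr + body + tag


@dataclass
class ReplayChecker:
    key: bytes
    session_id: bytes
    last_seq: int = 0  # highest sequence number accepted in this session

    def check(self, msg: bytes) -> Tuple[str, bytes]:
        """Return (verdict, body): 'ok', 'gap' (accepted, but earlier messages were
        dropped), 'replay' (seen or re-ordered), 'bad-session' or 'bad-mac'."""
        if len(msg) < SID_LEN + SEQ_LEN + TAG_LEN:
            return ("bad-mac", b"")
        hdr, body, tag = msg[:SID_LEN + SEQ_LEN], msg[SID_LEN + SEQ_LEN:-TAG_LEN], msg[-TAG_LEN:]
        expected = hmac.new(self.key, hdr + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # authenticate before trusting any field
            return ("bad-mac", b"")
        sid, seq = hdr[:SID_LEN], struct.unpack(">Q", hdr[SID_LEN:])[0]
        if sid != self.session_id:  # message belongs to another session
            return ("bad-session", b"")
        if seq <= self.last_seq:  # replayed or re-ordered within this session
            return ("replay", b"")
        verdict = "ok" if seq == self.last_seq + 1 else "gap"
        self.last_seq = seq
        return (verdict, body)


def demo() -> List[str]:
    """Constructed message stream: m1, m1 again (replay), m2, m4 (m3 dropped), m2 (re-ordered)."""
    sid = b"\x01" * SID_LEN
    rc = ReplayChecker(SESSION_KEY, sid)
    m1 = sign(SESSION_KEY, sid, 1, b"issue request A")
    m2 = sign(SESSION_KEY, sid, 2, b"issue request B")
    m4 = sign(SESSION_KEY, sid, 4, b"revoke request C")
    return [rc.check(m)[0] for m in (m1, m1, m2, m4, m2)]
```

Running `demo()` yields `['ok', 'replay', 'ok', 'gap', 'replay']`; a tampered tag or body is rejected as `bad-mac` before any sequence state is touched.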
