
Re: Secure legacy authentication for IKEv2



-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "Hugo" == Hugo Krawczyk <hugo@xxxxxxxxxxxxxxxxx> writes:
    Hugo> However, SLA with "proprietary" formats does not solve the problem; it just
    Hugo> makes it harder for people to use these methods. It requires defining an SLA
    Hugo> profile for these methods, but if such a profile is created then the MITM
    Hugo> problem is there again.

  You are probably right.
  If we can make it work with EAP, I think that we should. If we have to push
on the EAP folks to give us something so that we can bind things together
properly - giving Bob half a chance here - then I think we should go that
way.
  
    Hugo> 1) IPsec people can live with doing ONLY weak [*] methods such as those
    Hugo> defined in the SLA profiles now (SecurID, OTP, chall/resp) for which the
    Hugo> specific encapsulation method (SLA-specific or EAP) makes no difference to
    Hugo> their security

  Can we get some other vendor/consultant opinion here?   

  My mandate within FreeS/WAN says that I'm supposed to try to replace this
stuff with public key stuff. Previous hats that I've worn as a firewall
vendor were sufficiently long ago that people still thought S/Key was "neat".

  My consulting experience is with people who outgrow PSK and are scared of PKI.
They aren't going to go buy X9.9 devices for everyone.
  
  My impression is that the push to support these systems is largely coming
from people who have money invested in:
     1) SecurID cards
     2) X9.9 devices (CryptoCard, etc.)
     3) NT-domain authentication/RADIUS (i.e. passwords which cannot be used as
        PSKs, due to the secret being unavailable to Bob)
     
  Kerberos-based methods would be better supported by KINK. Or, is KINK on
the list due to it being supported by EAP?

  The reason for asking this is that I really think that this is about
*legacy* - and by this, I mean - things already paid for and deployed.

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr@xxxxxxxxxxxxxxxxxxxxxx http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBPhM11oqHRg3pndX9AQE/kQP6A2ayP6RFBh5KTJCC/O6+JEtLeMwCVkZC
MbZJyKsL4nL+l3Et4BQCCbtPm3C53QkAVI+Jaw8UdgITvPn7BZKBUdMKufUQHzxW
LpOe7Gb1LYaxltgRhAa4W8Jn+rwU99X4v/Sl0GL6WJxJSlKolQDDaABbVJTgHHhO
e78MHN50yIc=
=W+g0
-----END PGP SIGNATURE-----
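Added example (not from the original message, FreeS/WAN, or the IPsec WG drafts): a toy model of the MITM that Hugo's quote and the "bind things together properly" remark are about. The outer tunnel is a stand-in for the IKE_SA_INIT exchange, modelled as a fresh random key shared by the two ends of that tunnel, and the legacy method is a constructed HMAC challenge/response standing in for SecurID/OTP-style methods; the password, the party names and the PRF construction are all assumptions of the example. Mallory terminates Alice's tunnel, opens her own to Bob, and relays the inner challenge and response unchanged. When Bob treats inner success as proof for whatever tunnel it arrived on, Mallory's tunnel is accepted as Alice. When the method also exports a key (MSK) and the final AUTH is keyed by that MSK over the tunnel Alice actually negotiated, the relay fails, since Mallory can only forward an AUTH computed over the other tunnel and lacks the MSK to recompute it. That is the shape IKEv2 eventually standardized (RFC 7296, section 2.16).

```python
import hashlib
import hmac
import secrets

# Constructed legacy credential shared by Alice and Bob's AAA backend (NT-domain/RADIUS
# style). It is never used directly as an IKE PSK; only the inner method sees it.
LEGACY_PASSWORD = b"correct horse battery staple"


def prf(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed parts; the PRF for both the inner method and AUTH."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        mac.update(len(part).to_bytes(2, "big"))
        mac.update(part)
    return mac.digest()


class Tunnel:
    """Stand-in for an IKE_SA_INIT exchange: the two ends of this tunnel share a fresh key.
    A MITM terminates one tunnel with Alice and opens a second, different one with Bob."""

    def __init__(self) -> None:
        self.key = secrets.token_bytes(32)


class Initiator:
    """Alice: holds the legacy password and answers the inner challenge/response."""

    def __init__(self, password: bytes) -> None:
        self.password = password
        self.msk = b""

    def eap_response(self, challenge: bytes) -> bytes:
        # The method exports a key (MSK) alongside its response. Mallory relays the
        # challenge and response but lacks the password, so she cannot derive the MSK.
        self.msk = prf(self.password, b"msk", challenge)
        return prf(self.password, b"response", challenge)

    def auth_payload(self, tunnel: Tunnel) -> bytes:
        # Bind the inner method to the outer tunnel Alice actually negotiated.
        return prf(self.msk, b"AUTH", tunnel.key)


class Responder:
    """Bob: the gateway together with its legacy backend."""

    def __init__(self, password: bytes) -> None:
        self.password = password
        self.challenge = b""
        self.msk = b""

    def eap_challenge(self) -> bytes:
        self.challenge = secrets.token_bytes(16)
        return self.challenge

    def check_response(self, response: bytes) -> bool:
        expected = prf(self.password, b"response", self.challenge)
        if not hmac.compare_digest(expected, response):
            return False
        self.msk = prf(self.password, b"msk", self.challenge)
        return True

    def verify_auth(self, auth: bytes, tunnel: Tunnel) -> bool:
        # Recompute AUTH over the tunnel Bob is actually on; a relayed AUTH over another
        # tunnel will not match.
        return hmac.compare_digest(prf(self.msk, b"AUTH", tunnel.key), auth)


def run_exchange(bind_to_tunnel: bool, with_mitm: bool) -> bool:
    """Return True if Bob accepts the peer at the far end of his tunnel as Alice."""
    alice, bob = Initiator(LEGACY_PASSWORD), Responder(LEGACY_PASSWORD)
    alice_tunnel = Tunnel()
    # Without a MITM both parties see the same tunnel; with one, Bob's tunnel ends at Mallory.
    bob_tunnel = Tunnel() if with_mitm else alice_tunnel

    # Inner legacy exchange. Mallory relays both messages byte-for-byte.
    response = alice.eap_response(bob.eap_challenge())
    if not bob.check_response(response):
        return False
    if not bind_to_tunnel:
        # Legacy-only acceptance: inner success is taken as proof for whatever tunnel it
        # arrived on, so in the MITM case Mallory's tunnel is accepted as Alice's.
        return True

    # Bound variant: AUTH is keyed by the MSK and covers Alice's own tunnel. Mallory can
    # only forward it unchanged; she cannot recompute it for bob_tunnel without the MSK.
    return bob.verify_auth(alice.auth_payload(alice_tunnel), bob_tunnel)


if __name__ == "__main__":
    for bind in (False, True):
        for mitm in (False, True):
            print(f"bound={bind!s:5} mitm={mitm!s:5} bob_accepts={run_exchange(bind, mitm)}")
```

Running the block prints the four combinations; the instructive row is the unbound exchange with a MITM, where Bob accepts Mallory's tunnel even though the legacy method itself was never broken. That is the sense in which the encapsulation (SLA-specific or EAP) makes no difference to the weak method's own security but does decide whether IKEv2 as a whole resists the relay.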