
RE: l2tp as ipsra solution



Moshe Litvin [mailto:moshe@xxxxxxxxxxxxxx] writes:

> > > I didn't say the user authentication is useless. But the user
> > > authentication of PPP in the combination L2TP+IPsec is done AFTER
> > > the SA are established. If a complete authentication was done in
> > > IKE then further authentication is useless. If no authentication
> > > (or weak authentication) was done in IKE, then the PPP
> > > authentication is open to attacks, so it is useless (or at least
> > > has VERY limited use).
> >
> > Hmm. The only widespread implementation of L2TP/IPSec tunneling of
> > which I'm aware uses public key authentication in IKE.  Are you
> > saying that this leaves PPP authentication open to attacks?
>
> No. In this case I think that the PPP authentication is useless, since a
> stronger one was performed (the certificate). I think that the case where
> the machine should be authenticated separately from the user is extremely
> rare.

The cert used in IKE _is_ a machine certificate; the user is authenticated
via PPP (possibly with PK as well).  Access control is also applied by PPP,
based upon the user identity.  IPSec is just used to protect the data sent
across the intervening, untrusted network.

>
> The case where the PPP authentication is open for attacks is where the IKE
> authentication is weak (for example group shared secret).
>
> > If so, we have _big_ problems!
> > L2TP treats IPSec as a means to protect IP traffic on the wire;
> > apparently this is considered to be inappropriate and/or dangerous?
> >
> > >
> > > There is a way to do the server authentication in IKE and the user
> > > authentication in PPP. But unfortunately this method does not
> > > appear in the IKE RFCs and quoting again from the charter "The WG
> > > strongly prefers mechanisms that require no changes to AH, ESP or
> > > IKE protocols. If such changes are deemed necessary, the IPSec WG
> > > is contracted to carry out such changes"
> >
> > Can you tell me what changes to IKE would be required to allow
> > L2TP/IPSec?
>
> If:
> 1. You want to use L2TP/IPsec
> 2. You want to use legacy authentication (using PPP as the authentication
> protocol)
> 3. You don't want to have two credentials per user (i.e. a pre-shared
> secret and other token)
> 4. You want the system to be secure
>
> You have to use the hybrid mode (or something similar).
>
> >
> > > (by mistake I wrote that the charter forbids changes. I am glad to
> > > see that it does not.)
> >
> > I wasn't aware that the use of IPSec to protect traffic (whether
> > authentication-related or not) violated any RFCs, but for that
> > matter, I didn't know that the IKE RFCs completely defined all
> > acceptable authentication methods.
>
> First drafts of the charter did not allow mechanisms that change IKE (like
> hybrid).
>
> Regards,
> Moshe