Re: impacts of IKEv2 early use of keying material
From: Jari Arkko (jari.arkko
Date: Fri, 2 Apr 2004 09:08:13 -0500 (EST)
This is a summary of the discussions I have sent to the IPsec WG about this matter.
--Jari
-----------------------------------------------------------
This e-mail tries to summarize the discussions we had on the EAP WG mailing list and (mostly) privately between some of the EAP state machine and methods folks. Yoshihiro, Pasi, Joe, Hannes -- feel free to add or correct as appropriate.
The question was whether one roundtrip should be eliminated from IKEv2, by making it possible (but optional) to send an AUTH payload from the client as soon as the client has generated a key from EAP, and not wait until the EAP Success packet has been received from the gateway.
No strong opinions were presented, but the consensus we seem to have arrived at is that it's simpler and better to spend the extra roundtrip than to add a protocol variation, a change to the EAP state machine draft, and possibly some EAP method and API implementation changes for systems that want to take advantage of this.
The following points were brought up:
o Yoshihiro analyzed the potential impacts of the EAP state
  machine change for 802.11 wireless LANs, which also use
  EAP. It was found that the change would NOT have an
  impact on 802.11, i.e., from that point of view the
  change is possible.
o EAP in general is able to survive the loss of the
  EAP Success message (which is not retransmitted).
o OTOH, there is a need to define "when the key is available"
  precisely. Some EAP methods might have a key available
  before the endpoints have authenticated each other, for
  instance. The EAP base specification sets requirements for
  EAP methods, but it does not talk about what method
  definitions should say about the matter. Many methods
  have already been defined; this might lead to different
  interpretations in different implementations.
o Joe brought up the possibility of EAP methods where the
  client does not know whether the server is yet finished;
  if the client would send an AUTH payload when it's done,
  the server might still have to perform roundtrips. This
  would have to be taken into account in the IKEv2 spec.
o The number of roundtrips is a concern for many people.
  But Tero's and Charlie's worry about protocol variants
  is also a concern, as is the need to ensure that the
  early key availability suits the particular EAP method.

--Jari
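The exchange under discussion, as an added model that is not part of the original message, the IKEv2 draft, or any EAP method: a toy challenge/response EAP method run inside the IKE_AUTH phase, once in the standard flow (client sends AUTH only after EAP Success) and once in the proposed variant (client attaches AUTH as soon as it has a key). It uses the AUTH construction IKEv2 specifies when EAP is in use, prf(prf(MSK, "Key Pad for IKEv2"), octets), with HMAC-SHA256 as the prf. Everything else is assumed for the illustration: the shared secret, the stand-in for the IKE_SA_INIT octets, the `extra_round` flag that models Joe's case of a server that still needs a round trip after the client has its key, and the gateway's choice to hold an early AUTH until its own EAP side is finished (one possible handling, not something the spec defined). Only the client-to-gateway AUTH is modelled; the gateway's AUTH back to the client is left out.

```python
import hashlib
import hmac
import os

# Constructed values for this model (not from any real deployment).
PSK = b"toy-eap-shared-secret"               # credential of the toy EAP method
INIT_OCTETS = b"IKE_SA_INIT-request|Ni|IDi"  # stand-in for the octets AUTH covers


def prf(key, data):
    """HMAC-SHA256 standing in for the IKEv2 prf."""
    return hmac.new(key, data, hashlib.sha256).digest()


def ikev2_auth(msk, octets):
    """IKEv2 AUTH with EAP: prf(prf(MSK, "Key Pad for IKEv2"), octets)."""
    return prf(prf(msk, b"Key Pad for IKEv2"), octets)


class EapServer:
    """Gateway side of a toy challenge/response EAP method.
    extra_round=True models Joe's case: after the client's response the
    server still needs one more request/response before EAP Success."""

    def __init__(self, extra_round=False):
        self.extra_round = extra_round
        self.challenge = os.urandom(16)
        self.state = "await_response"
        self.msk = None

    def first_request(self):
        return ("EAP-Request", self.challenge)

    def handle(self, payload):
        if self.state == "await_response":
            if not hmac.compare_digest(payload, prf(PSK, self.challenge)):
                self.state = "failed"
                return ("EAP-Failure", None)
            self.msk = prf(PSK, b"msk" + self.challenge)
            if self.extra_round:
                self.state = "await_confirm"
                return ("EAP-Request", b"confirm")
            self.state = "done"
            return ("EAP-Success", None)
        if self.state == "await_confirm" and payload == b"confirmed":
            self.state = "done"
            return ("EAP-Success", None)
        self.state = "failed"
        return ("EAP-Failure", None)


class EapClient:
    """Client side of the toy method; a different psk models a bad credential."""

    def __init__(self, psk=PSK):
        self.psk = psk
        self.msk = None

    def handle(self, kind, payload):
        if kind == "EAP-Request" and payload == b"confirm":
            return b"confirmed"
        if kind == "EAP-Request":
            # The key is derivable here, before EAP Success and before the
            # server has verified anything: the "when is the key available"
            # question from the discussion.
            self.msk = prf(self.psk, b"msk" + payload)
            return prf(self.psk, payload)
        return None


def run_ike_auth(early_auth, extra_round=False, client_psk=PSK):
    """Model the IKE_AUTH round trips after IKE_SA_INIT.
    early_auth=False: AUTH only after EAP Success (standard flow).
    early_auth=True:  AUTH attached as soon as the client has a key.
    Returns (ike_auth_round_trips, client_authenticated)."""
    server, client = EapServer(extra_round), EapClient(client_psk)
    pending_auth = None
    round_trips = 1  # IKE_AUTH #1: IDi sent, first EAP-Request returned
    kind, payload = server.first_request()
    while True:
        # Client turn: answer the EAP message and, when allowed, add AUTH.
        msg = {}
        if kind == "EAP-Request":
            msg["EAP"] = client.handle(kind, payload)
        if client.msk is not None and (early_auth or kind == "EAP-Success"):
            msg["AUTH"] = ikev2_auth(client.msk, INIT_OCTETS)
        round_trips += 1
        # Gateway turn: advance EAP; an AUTH arriving before the gateway's EAP
        # side is finished is held, not verified (assumed handling).
        if "EAP" in msg:
            kind, payload = server.handle(msg["EAP"])
        if "AUTH" in msg:
            pending_auth = msg["AUTH"]
        if kind == "EAP-Failure":
            return round_trips, False
        if server.state == "done" and pending_auth is not None:
            expected = ikev2_auth(server.msk, INIT_OCTETS)
            return round_trips, hmac.compare_digest(pending_auth, expected)


if __name__ == "__main__":
    for early in (False, True):
        for extra in (False, True):
            print(f"early_auth={early} extra_round={extra}: {run_ike_auth(early, extra)}")
```

With the plain method the variant saves exactly the one round trip the proposal was after (2 instead of 3 IKE_AUTH round trips); with the `extra_round` method the saving disappears (3 in both flows minus one: 3 versus 4), because the gateway cannot finish until its own EAP side is done, which is the case Joe raised.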
- impacts of IKEv2 early use of keying material, Jari Arkko, March 19 2004
- RE: impacts of IKEv2 early use of keying material, Joseph Salowey, March 22 2004
- Re: impacts of IKEv2 early use of keying material, Jari Arkko, April 2 2004