North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: key change for TCP-MD5

  • From: Steven M. Bellovin
  • Date: Mon Jun 19 10:20:14 2006

On Mon, 19 Jun 2006 15:40:50 +0200, Iljitsch van Beijnum
<[email protected]> wrote:

> On 19-jun-2006, at 14:32, Steven M. Bellovin wrote:
> 
> > I just submitted an I-D on TCP-MD5 key change.  Until it shows up  
> > in the
> > official repository, see
> > http://www.cs.columbia.edu/~smb/papers/draft-bellovin- 
> > keyroll2385-00.txt
> > Here's the abstract:
> 
> >                 The TCP-MD5 option is most commonly used to secure
> >                 BGP sessions between routers.  However, changing
> >                 the long-term key is difficult, since the change
> >                 needs to be synchronized between different
> >                 organizations.
> >                 We describe single-ended strategies that will permit
> >                 (mostly) unsynchronized key changes.
> 
> > Comments welcome.
> 
> I wonder how long that policy will hold.  (-:
> 
I'm not certain what you mean by that, but since it sounds insulting to
someone I'll ignore it.
> 
> First of all, I applaud this effort.
> 
> There doesn't really seem to be a way to introduce a new key other  
> than to just to agree on a time. I'm not sure this is good enough.
> 
> Wouldn't it be better to exchange some kind of "time to change keys"  
> message? This could simply be a new type of BGP message that hold a  
> key ID. Obviously the capability to send and receive these messages  
> must be negotiated when the session is created, but still, I think  
> the extra complexity is worth it because it allows for much more  
> robust operation.

There are lots of good solutions if you're willing to change or introduce
protocols.  That takes a lot longer, both procedurally and technically.
This scheme is simple and single-ended, and can be implemented without
co-ordination.

We should indeed try for a better solution.  Until then, I'm suggesting
this -- I'm aiming at Informational -- to tide us over.  The need for some
such solution was quite clear during Bonica's talk in San Jose.
> 
> And is NANOG now officially an IETF working group...?
> 
First, this is draft-bellovin-..., not draft-ietf-..., i.e., an individual
submission rather than part of a working group.  Second, I'm no longer
Security AD. Third, even if this were an official IETF effort by the
Security AD, it would be rather stupid not to ask the opinion of the
people most directly affected by it. 


		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb