[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [CGA-EXT] SEND checksum issue in current RFC 3791 - update needed
Eric,
I agree that we should stick on A. However, it is that obvious from the
current RFC 3791. Clarification/update will help on this.
Sheng
> -----Original Message-----
> From: Eric Levy-Abegnoli [mailto:elevyabe at cisco.com]
> Sent: Thursday, September 17, 2009 3:55 PM
> To: Sheng Jiang
> Cc: 'Arnaud Ebalard'; 'wdwang'; cga-ext at ietf.org
> Subject: Re: [CGA-EXT] SEND checksum issue in current RFC
> 3791 - update needed
>
> Sheng,
> Currently, I see onle one possibility, which is A. It is
> un-ambiguously specified in rfc3971. And it has been
> implemented by multiple vendors. Moving to B would not be
> backward compatible and would create inter-operability issues.
> Eric
>
> Sheng Jiang a écrit :
> > Hi, Arnaud,
> >
> > Yes, it is an issue must be clearly clarified in the specification.
> > Actually, there are two possibility here (which makes more
> important
> > that specification should be clearly follow only one of them):
> >
> > A, if we would like to follow the drscription in Section 5.2.1 RFC
> > 3791, the input of RSA signature should be a checksum calculated
> > without RSA signature and it will be recalculated after signature
> > attached. On the receiver side, ICMP checksum should be validated,
> > then signature validate, then maybe checksum validate again.
> >
> > B, more efficiently, on the sender side, as you said, the
> input of RSA
> > signature should be a checksum with all 0, and after signature
> > attached, the checksim is computed over the whole packet. However,
> > this makes the signature over checksum totally meaningless.
> > Alternatively, we may take checksum bits out from the RSA
> signature input.
> >
> > Additionally, there are intercommunication issues if a sender use A
> > implementation and a receiver uses B implementation.
> >
> > Sum up, an update over the current definition RFC 3791 is needed on
> > this issue.
> >
> > Cheers,
> >
> > Sheng
> >
> >
> >> -----Original Message-----
> >> From: Arnaud Ebalard [mailto:arno at natisbad.org]
> >> Sent: Thursday, September 17, 2009 2:02 PM
> >> To: Sheng Jiang
> >> Cc: cga-ext at ietf.org; 'wdwang'
> >> Subject: Re: [CGA-EXT] SEND checksum issue in current RFC
> >> 3791 - update needed
> >>
> >> Hi,
> >>
> >> Sheng Jiang <shengjiang at huawei.com> writes:
> >>
> >>
> >>> During our implementation of SEND & CGA, we discovered an
> >>>
> >> issue in the
> >>
> >>> current RFC 3791, described as the following. An update is
> >>>
> >> needed to
> >>
> >>> solve this issue.
> >>>
> >>> Checksum issue in the current SEND definition RFC 3791.
> >>>
> >>> In Section 5.2, RFC3791, digital signature is defined to
> sign data
> >>> include checksum fieds from ICMP header (bullet item 4),
> >>>
> >> which should
> >>
> >>> already be calculated during the construction of message
> (the first
> >>> step in Section 5.2.1). After RSA signature is attached,
> >>>
> >> the original
> >>
> >>> checksum value is no longer valid. It should be
> >>>
> >> recalsulated. However,
> >>
> >>> this was not clearly defined in RFC 3791. More importantly, the
> >>> correspondent validation rule must be defined on the
> >>>
> >> receiver side too.
> >>
> >> I already reported that same issue some time ago and the
> good way to
> >> understand the spec is to compute the signature over the
> packet with
> >> the checksum field to 0. Then, the checksum is computed over the
> >> whole packet. But I agree that the spec is unclear on that.
> >>
> >> See my post and Eric's reply here:
> >>
> >>
> http://www.ietf.org/mail-archive/web/cga-ext/current/msg00098.html
> >>
> >> Cheers,
> >>
> >> a+
> >>
> >
> > _______________________________________________
> > CGA-EXT mailing list
> > CGA-EXT at ietf.org
> > https://www.ietf.org/mailman/listinfo/cga-ext
> >
> >
>