[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!

To: <kre at munnari.OZ.AU>
Subject: Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
From: "Bernie Volz (volz)" <volz at cisco.com>
Date: Mon, 14 Jul 2008 10:59:39 -0400
Authentication-results: rtp-dkim-2; header.From=volz at cisco.com; dkim=pass ( sig from cisco.com/rtpdkim2001 verified; );
Cc: dhcwg at ietf.org, "Mark Stapp $mjs$" <mjs at cisco.com>
Delivered-to: ietfarch-dhcwg-web-archive at core3.amsl.com
Delivered-to: dhcwg at core3.amsl.com
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; l=4297; t=1216047580; x=1216911580; c=relaxed/simple; s=rtpdkim2001; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=volz at cisco.com; z=From:=20=22Bernie=20Volz=20(volz)=22=20<volz at cisco.com> |Subject:=20RE=3A=20[dhcwg]=20A=20new=20draft=20of=20draft- jiang-dhc-secure-dhcpv6=20is=20submitted.=20Comments=20are=2 0welcome!=20 |Sender:=20 |To:=20<kre at munnari.OZ.AU>; bh=Cd5PExwDhlV89N4NqSQc9IGNsxi5IkqnuYL7KRUoQUY=; b=q73XhhEcUz1cmwMR7YNGHqWtHJA8ozItLEqPvBWf424sMHbxCYNBpNoW8l hFIU0z/LhAHA0+hm+tyVffyDeFWs1Z1E7FJXLCakMpF8GTA2Cs2Bar+jRWfG YPJEhQI0uL;
In-reply-to: <11031.1216046188@epsilon.noi.kre.to>
List-archive: <https://www.ietf.org/mailman/private/dhcwg>
List-help: <mailto:dhcwg-request@ietf.org?subject=help>
List-id: <dhcwg.ietf.org>
List-post: <mailto:dhcwg@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
References: <8E296595B6471A4689555D5D725EBB21080C9FAD@xmb-rtp-20a.amer.cisco.com> <8E296595B6471A4689555D5D725EBB21080C9F72@xmb-rtp-20a.amer.cisco.com> <808.1216031570@epsilon.noi.kre.to> <005401c8e5b0$4607f2f0$c80c6f0a@china.huawei.com> <13363.1216042143@epsilon.noi.kre.to> <11031.1216046188@epsilon.noi.kre.to>
Sender: dhcwg-bounces at ietf.org
Thread-index: AcjlvzS9VpHd1l9pRnaSbu17xT9CVwAAUX8w
Thread-topic: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!

Yes, I am beginning to see this, though I still don't fully understand
it.

For example, in RFC 3971, section 5.2:

5.2.  RSA Signature Option

...

     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |     Type      |    Length     |           Reserved            |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                                                               |
    |                          Key Hash                             |
    |                                                               |
    |                                                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                                                               |
    .                                                               .
    .                       Digital Signature                       .
    .                                                               .
    |                                                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                                                               |
    .                                                               .
    .                           Padding                             .
    .                                                               .
    |                                                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

...

      This field starts after the Key Hash field.  The length of the
      Digital Signature field is determined by the length of the RSA
      Signature option minus the length of the other fields (including
      the variable length Pad field).

   Padding

      This variable-length field contains padding, as many bytes long as
      remain after the end of the signature. 

This seems like a catch-22. How can someone determine the length of the
Digital Signature field as there's no indication of how long the pad
field is.

Therefore, the Digital Signature field's length MUST be known based on
other information (key, etc).

So, sure, putting 0's in the 100s of bytes and, likely more
significantly, having to calculate the signature over those additional
bytes is a cost.

If we feel that is a burden, using multiple fragments is the way to go.
Based on the original write-up in the draft, this is required anyway so
there's really no savings.

       Signature       A variable-length field containing a digital 
                       signature. The signature value is computed with 
                       the hash algorithm and the signature algorithm, 
                       as described in HA-id and SA-id. The signature 
                       constructed by using the sender's private key 
                       over the following sequence of octets: 
                        
                       1. The 128-bit CGA Message Type tag value for 
                       Secure DHCPv6, 0x81be a1eb 0021 ce7e caa9 4090 
                       0665 d2e0 02c2. (The tag value has been 
                       generated randomly by the editor of this 
                       specification.)
                        
                       2. The 128-bit Source Address field from the IP 
                       header. 
                        
                       3. The 128-bit Destination Address field from 
                       the IP header. 
                        
                       4. The entire DHCPv6 message EXCEPT for the
                       option-code, option-len and Signature fields of
                       this option.

It does require one more fragment than the original specification (the
data beyond the end of the option). For the nodes that always add the
option as the last option (based on their choice to do so), they can
avoid this last fragment. But, of course they can't assume this when
receiving a message.

- Bernie
_______________________________________________
dhcwg mailing list
dhcwg at ietf.org
https://www.ietf.org/mailman/listinfo/dhcwg

References:
- Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
  - From: Bernie Volz (volz)
- Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
  - From: Bernie Volz (volz)
- Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
  - From: Robert Elz
- Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
  - From: Robert Elz
- Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
  - From: Robert Elz

Prev by Date: Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
Next by Date: Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
Previous by thread: Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
Next by thread: Re: [dhcwg] A new draft of draft-jiang-dhc-secure-dhcpv6 is submitted. Comments are welcome!
Index(es):
- Date
- Thread