< draft-ietf-ipsecme-add-ike-00.txt   draft-ietf-ipsecme-add-ike-01.txt >
ipsecme M. Boucadair ipsecme M. Boucadair
Internet-Draft Orange Internet-Draft Orange
Intended status: Standards Track T. Reddy Intended status: Standards Track T. Reddy
Expires: 19 June 2022 Akamai Expires: 23 September 2022 Akamai
D. Wing D. Wing
Citrix Citrix
V. Smyslov V. Smyslov
ELVIS-PLUS ELVIS-PLUS
16 December 2021 22 March 2022
Internet Key Exchange Protocol Version 2 (IKEv2) Configuration for Internet Key Exchange Protocol Version 2 (IKEv2) Configuration for
Encrypted DNS Encrypted DNS
draft-ietf-ipsecme-add-ike-00 draft-ietf-ipsecme-add-ike-01
Abstract Abstract
This document specifies a new Internet Key Exchange Protocol Version This document specifies new Internet Key Exchange Protocol Version 2
2 (IKEv2) Configuration Payload Attribute Types for encrypted DNS (IKEv2) Configuration Payload Attribute Types for encrypted DNS
protocols such as DNS-over-HTTPS (DoH), DNS-over-TLS (DoT), and DNS- protocols such as DNS-over-HTTPS (DoH), DNS-over-TLS (DoT), and DNS-
over-QUIC (DoQ). over-QUIC (DoQ).
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 19 June 2022. This Internet-Draft will expire on 23 September 2022.
Copyright Notice Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the Copyright (c) 2022 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components and restrictions with respect to this document. Code Components
extracted from this document must include Revised BSD License text as extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License. provided without warranty as described in the Revised BSD License.
skipping to change at page 2, line 35 skipping to change at page 2, line 35
Appendix A. Sample Deployment Scenarios . . . . . . . . . . . . 11 Appendix A. Sample Deployment Scenarios . . . . . . . . . . . . 11
A.1. Roaming Enterprise Users . . . . . . . . . . . . . . . . 11 A.1. Roaming Enterprise Users . . . . . . . . . . . . . . . . 11
A.2. VPN Service Provider . . . . . . . . . . . . . . . . . . 12 A.2. VPN Service Provider . . . . . . . . . . . . . . . . . . 12
A.3. DNS Offload . . . . . . . . . . . . . . . . . . . . . . . 12 A.3. DNS Offload . . . . . . . . . . . . . . . . . . . . . . . 12
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 12 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 12
1. Introduction 1. Introduction
This document specifies encrypted DNS configuration for an Internet This document specifies encrypted DNS configuration for an Internet
Key Exchange Protocol Version 2 (IKEv2) [RFC7296] initiator, Key Exchange Protocol Version 2 (IKEv2) [RFC7296] initiator,
particularly the Authentication Domain Name (ADN) of encrypted DNS particularly the Authentication Domain Name (ADN) of DNS servers that
protocols such as DNS-over-HTTPS (DoH) [RFC8484], DNS-over-TLS (DoT) support encrypted DNS protocols such as DNS-over-HTTPS (DoH)
[RFC7858], or DNS-over-QUIC (DoQ) [I-D.ietf-dprive-dnsoquic]. [RFC8484], DNS-over-TLS (DoT) [RFC7858], or DNS-over-QUIC (DoQ)
[I-D.ietf-dprive-dnsoquic].
This document introduces new IKEv2 Configuration Payload Attribute This document introduces new IKEv2 Configuration Payload Attribute
Types (Section 3) for the support of encrypted DNS servers. These Types (Section 3) for the support of encrypted DNS servers. These
attributes can be used to provision authentication domain names, a attributes can be used to provision ADNs, a list of IP addresses, and
list of IP addresses, and a set of service parameters. a set of service parameters.
Sample use cases are discussed in Appendix A. The Configuration Sample use cases are discussed in Appendix A. The Configuration
Payload Attribute Types defined in this document are not specific to Payload Attribute Types defined in this document are not specific to
these deployments, but can also be used in other deployment contexts. these deployments, but can also be used in other deployment contexts.
It is out of the scope of this document to provide a comprehensive It is out of the scope of this document to provide a comprehensive
list of deployment contexts. list of deployment contexts.
The encrypted DNS server hosted by the VPN provider can get a domain- The encrypted DNS server hosted by a VPN provider can get a domain-
validate certificate from a public CA. The VPN client does not need validate certificate from a public Certificate Authority (CA). The
to be provisioned with the root certificate of a private CA to VPN client does not need to be provisioned with the root certificate
authenticate the certificate of the encrypted DNS server. The of a private CA to authenticate the certificate of the encrypted DNS
encrypted DNS server can run on private IP addresses and its access server. The encrypted DNS server can run on private IP addresses and
can be restricted to clients connected to the VPN. its access can be restricted to clients connected to the VPN.
Note that, for many years, typical designs have often considered that Note that, for many years, typical designs have often considered that
the DNS server was usually located inside the protected domain, but the DNS server was usually located inside the protected domain, but
could be located outside of it. With encrypted DNS, the latter could be located outside of it. With encrypted DNS, the latter
option becomes plausible. option becomes plausible.
2. Terminology 2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
skipping to change at page 3, line 33 skipping to change at page 3, line 33
capitals, as shown here. capitals, as shown here.
This document uses of the terms defined in [RFC8499]. This document uses of the terms defined in [RFC8499].
Also, this document uses of the terms defined in [RFC7296]. In Also, this document uses of the terms defined in [RFC7296]. In
particular, readers should be familiar with "initiator" and particular, readers should be familiar with "initiator" and
"responder" terms used in that document. "responder" terms used in that document.
This document makes use of the following terms: This document makes use of the following terms:
'Do53': refers to unencrypted DNS. Do53: refers to unencrypted DNS.
'Encrypted DNS': refers to a scheme where DNS messages are sent over Encrypted DNS: refers to a scheme where DNS messages are sent over
an encrypted channel. Examples of encrypted DNS are DoT, DoH, and an encrypted channel. Examples of encrypted DNS are DoT, DoH, and
DoQ. DoQ.
'ENCDNS_IP*: refers to any IKEv2 Configuration Payload Attribute ENCDNS_IP*: refers to any IKEv2 Configuration Payload Attribute
Types defined in Section 3.1. Types defined in Section 3.1.
3. IKEv2 Configuration Payload Attribute Types for Encrypted DNS 3. IKEv2 Configuration Payload Attribute Types for Encrypted DNS
3.1. ENCDNS_IP* Configuration Payload Attributes 3.1. ENCDNS_IP* Configuration Payload Attributes
The ENCDNS_IP* IKEv2 Configuration Payload Attribute Types are used The ENCDNS_IP* IKEv2 Configuration Payload Attribute Types are used
to configure encrypted DNS servers. All these attributes share the to configure encrypted DNS servers to an initiator. All these
format shown in Figure 1. attributes share the format that is shown in Figure 1.
1 2 3 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-----------------------------+-------------------------------+ +-+-----------------------------+-------------------------------+
|R| Attribute Type | Length | |R| Attribute Type | Length |
+-+-----------------------------+---------------+---------------+ +-+-----------------------------+---------------+---------------+
| Service Priority | Num Addresses | ADN Length | | Service Priority | Num Addresses | ADN Length |
+-------------------------------+---------------+---------------+ +-------------------------------+---------------+---------------+
~ IP Addresses ~ ~ IP Addresses ~
+---------------------------------------------------------------+ +---------------------------------------------------------------+
~ Authentication Domain Name ~ ~ Authentication Domain Name ~
+---------------------------------------------------------------+ +---------------------------------------------------------------+
~ Service Parameters (SvcParams) ~ ~ Service Parameters (SvcParams) ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 1: Attributes Format Figure 1: Attributes Format
The fields of the attribute shown in Figure 1 are as follows: The description of the fields of the attribute shown in Figure 1 is
as follows:
* R (Reserved, 1 bit) - This bit MUST be set to zero and MUST be * R (Reserved, 1 bit) - This bit MUST be set to zero and MUST be
ignored on receipt (see Section 3.15.1 of [RFC7296] for details). ignored on receipt (see Section 3.15.1 of [RFC7296] for details).
* Attribute Type (15 bits) - Identifier for Configuration Attribute * Attribute Type (15 bits) - Identifier for Configuration Attribute
Type; is set to TBA1 or TBA2 values listed in Section 6.1. Type; is set to TBA1 or TBA2 values listed in Section 6.1.
* Length (2 octets, unsigned integer) - Length of the data in * Length (2 octets, unsigned integer) - Length of the data in
octets. In particular, this field is set to: octets. In particular, this field is set to:
skipping to change at page 5, line 5 skipping to change at page 5, line 5
- (4 + Length of the ADN + N * 16 + Length of SvcParams) for - (4 + Length of the ADN + N * 16 + Length of SvcParams) for
ENCDNS_IP6 attributes if the Configuration payload has types ENCDNS_IP6 attributes if the Configuration payload has types
CFG_REQUEST or CFG_REPLY or CFG_SET; N being the number of CFG_REQUEST or CFG_REPLY or CFG_SET; N being the number of
included IPv6 addresses ('Num addresses'). included IPv6 addresses ('Num addresses').
* Service Priority (2 octets) - The priority of this attribute * Service Priority (2 octets) - The priority of this attribute
compared to other ENCDNS_IP* instances. This field is encoded compared to other ENCDNS_IP* instances. This field is encoded
following the rules specified in Section 2.4.1 of following the rules specified in Section 2.4.1 of
[I-D.ietf-dnsop-svcb-https]. [I-D.ietf-dnsop-svcb-https].
AliasMode (Section 2.4.2 of [I-D.ietf-dnsop-svcb-https]) is not
supported because such a mode will trigger additional Do53 queries
while the data can be supplied directly in the IKE response. As
such, this field MUST NOT be set to 0.
* Num Addresses (1 octet) - Indicates the number of enclosed IPv4 * Num Addresses (1 octet) - Indicates the number of enclosed IPv4
(for ENCDNS_IP4 attribute type) or IPv6 (for ENCDNS_IP6 attribute (for ENCDNS_IP4 attribute type) or IPv6 (for ENCDNS_IP6 attribute
type) addresses. It MUST NOT be set to 0 if the Configuration type) addresses. It MUST NOT be set to 0 if the Configuration
payload has types CFG_REPLY or CFG_SET. payload has types CFG_REPLY or CFG_SET.
* ADN Length (1 octet) - Indicates the length of the authentication- * ADN Length (1 octet) - Indicates the length of the authentication-
domain-name field in octets. domain-name field in octets.
* IP Address(es) (variable) - One or more IPv4 or IPv6 addresses to * IP Address(es) (variable) - One or more IPv4 or IPv6 addresses to
be used to reach the encrypted DNS server that is identified by be used to reach the encrypted DNS server that is identified by
skipping to change at page 6, line 47 skipping to change at page 6, line 47
Payload Attribute(s). Payload Attribute(s).
* Authentication Domain Name (variable) - A fully qualified domain * Authentication Domain Name (variable) - A fully qualified domain
name of the encrypted DNS server following the syntax defined in name of the encrypted DNS server following the syntax defined in
[RFC5890]. The name MUST NOT contain any terminators (e.g., NULL, [RFC5890]. The name MUST NOT contain any terminators (e.g., NULL,
CR). A name is included only when multiple ADNs are included in CR). A name is included only when multiple ADNs are included in
the ENCDNS_IP* Configuration Payload Attributes. the ENCDNS_IP* Configuration Payload Attributes.
* Hash Algorithm Identifiers (variable) - In a request, this field * Hash Algorithm Identifiers (variable) - In a request, this field
specifies a list of 16-bit hash algorithm identifiers that are specifies a list of 16-bit hash algorithm identifiers that are
supported by the Encrypted DNS client. In a response, this field supported by the encrypted DNS client. In a response, this field
specified the 16-bit hash algorithm identifier selected by the specifies the 16-bit hash algorithm identifier selected by the
server to generate the digest of its certificate. The values of server to generate the digest of its certificate.
this field are taken from the Hash Algorithm Identifiers of IANA's
"Internet Key Exchange Version 2 (IKEv2) Parameters" registry The values of this field are taken from the Hash Algorithm
[Hash]. Identifiers of IANA's "Internet Key Exchange Version 2 (IKEv2)
Parameters" registry [Hash].
There is no padding between the hash algorithm identifiers. There is no padding between the hash algorithm identifiers.
Note that SHA2-256 is mandatory to implement. Note that SHA2-256 is mandatory to implement.
* Certificate Digest (variable) - MUST only be present in a * Certificate Digest (variable) - MUST only be present in a
response. This field includes the digest of the Encrypted DNS response. This field includes the digest of the encrypted DNS
server certificate using the algorthm identified in the 'Hash server certificate using the algorthm identified in the 'Hash
Algorithm Identifiers' field. Algorithm Identifiers' field.
4. IKEv2 Protocol Exchange 4. IKEv2 Protocol Exchange
This section describes how an initiator can be configured with an This section describes how an initiator can be configured with an
encrypted DNS server (e.g., DoH, DoT) using IKEv2. encrypted DNS server (e.g., DoH, DoT) using IKEv2.
Initiators indicate the support of an encrypted DNS in the Initiators indicate the support of an encrypted DNS in the
CFG_REQUEST payloads by including one or two ENCDNS_IP* attributes, CFG_REQUEST payloads by including one or two ENCDNS_IP* attributes,
while responders supply the encrypted DNS configuration in the while responders supply the encrypted DNS configuration in the
CFG_REPLY payloads. Concretely: CFG_REPLY payloads. Concretely:
If the initiator supports encrypted DNS, it includes one or two If the initiator supports encrypted DNS, it includes one or two
ENCDNS_IP* attributes in the CFG_REQUEST. For each IP address ENCDNS_IP* attributes in the CFG_REQUEST. For each IP address
family the initiator MUST include exactly one attribute with the family the initiator MUST include exactly one attribute with the
Length field set to 0 if no specific DNS server is requested. The Length field set to 0 if no specific DNS server is requested. The
initiator MAY include the ENCDNS_DIGEST_INFO attribute with a list initiator MAY include the ENCDNS_DIGEST_INFO attribute with a list
of hash algorithms that are supported by the Encrypted DNS client. of hash algorithms that are supported by the encrypted DNS client.
For each ENCDNS_IP* attribute from the CFG_REQUEST, if the For each ENCDNS_IP* attribute from the CFG_REQUEST, if the
responder supports the corresponding address family, and absent responder supports the corresponding address family, and absent
any policy, the responder sends back ENCDNS_IP* attribute(s) in any policy, the responder sends back ENCDNS_IP* attribute(s) in
the CFG_REPLY with an appropriate list of IP addresses, service the CFG_REPLY with an appropriate list of IP addresses, service
parameters, and an ADN. The list of IP addresses MUST include at parameters, and an ADN. The list of IP addresses MUST include at
least one IP address. The responder may ignore suggested values least one IP address. The responder may ignore suggested values
(if any). Multiple instances of the same ENCDNS_IP* attribute MAY (if any). Multiple instances of the same ENCDNS_IP* attribute MAY
be returned if distinct ADNs or service parameters are to be be returned if distinct ADNs or service parameters are to be
returned by the responder. The same or distinct IP addresses can returned by the responder. The same or distinct IP addresses can
be returned in such instances. These instances SHOULD be be returned in such instances. These instances SHOULD be
processed following their service priority (i.e., smaller service processed following their service priority (i.e., smaller service
priority indicates a higher preference). priority indicates a higher preference).
In addition, the responder MAY return the ENCDNS_DIGEST_INFO In addition, the responder MAY return the ENCDNS_DIGEST_INFO
attribute to convey a digest of the certificate of the Encrypted attribute to convey a digest of the certificate of the encrypted
DNS and the identifier of the hash algorithm that is used to DNS and the identifier of the hash algorithm that is used to
generate the digest. generate the digest.
If the CFG_REQUEST includes an ENCDNS_IP* attribute but the If the CFG_REQUEST includes an ENCDNS_IP* attribute but the
CFG_REPLY does not include an ENCDNS_IP* matching the requested CFG_REPLY does not include an ENCDNS_IP* matching the requested
address family, this is an indication that requested address address family, this is an indication that requested address
family is not supported by the responder or the responder is not family is not supported by the responder or the responder is not
configured to provide corresponding server addresses. configured to provide corresponding server addresses.
If the initiator receives both ENCDNS_IP* and INTERNAL_IP6_DNS (or If the initiator receives both ENCDNS_IP* and INTERNAL_IP6_DNS (or
INTERNAL_IP4_DNS) attributes, it is RECOMMENDED that the initiator INTERNAL_IP4_DNS) attributes, it is RECOMMENDED that the initiator
uses the Encrypted DNS servers. uses the encrypted DNS servers.
The DNS client establishes an encrypted DNS session (e.g., DoT, DoH, The DNS client establishes an encrypted DNS session (e.g., DoT, DoH,
DoQ) with the address(es) conveyed in ENCDNS_IP* and uses the DoQ) with the address(es) conveyed in ENCDNS_IP* and uses the
mechanism discussed in Section 8 of [RFC8310] to authenticate the DNS mechanism discussed in Section 8 of [RFC8310] to authenticate the DNS
server certificate using the authentication domain name conveyed in server certificate using the authentication domain name conveyed in
ENCDNS_IP*. ENCDNS_IP*.
If the CFG_REPLY includes an ENCDNS_DIGEST_INFO attribute, the DNS If the CFG_REPLY includes an ENCDNS_DIGEST_INFO attribute, the DNS
client has to create a digest of the DNS server certificate received client has to create a digest of the DNS server certificate received
in the TLS handshake using the negotiated hash algorithm in the in the TLS handshake using the negotiated hash algorithm in the
skipping to change at page 11, line 8 skipping to change at page 11, line 8
[I-D.arkko-farrell-arch-model-t] [I-D.arkko-farrell-arch-model-t]
Arkko, J. and S. Farrell, "Challenges and Changes in the Arkko, J. and S. Farrell, "Challenges and Changes in the
Internet Threat Model", Work in Progress, Internet-Draft, Internet Threat Model", Work in Progress, Internet-Draft,
draft-arkko-farrell-arch-model-t-04, 13 July 2020, draft-arkko-farrell-arch-model-t-04, 13 July 2020,
<https://www.ietf.org/archive/id/draft-arkko-farrell-arch- <https://www.ietf.org/archive/id/draft-arkko-farrell-arch-
model-t-04.txt>. model-t-04.txt>.
[I-D.ietf-dprive-dnsoquic] [I-D.ietf-dprive-dnsoquic]
Huitema, C., Dickinson, S., and A. Mankin, "DNS over Huitema, C., Dickinson, S., and A. Mankin, "DNS over
Dedicated QUIC Connections", Work in Progress, Internet- Dedicated QUIC Connections", Work in Progress, Internet-
Draft, draft-ietf-dprive-dnsoquic-07, 1 December 2021, Draft, draft-ietf-dprive-dnsoquic-11, 21 March 2022,
<https://www.ietf.org/archive/id/draft-ietf-dprive- <https://www.ietf.org/archive/id/draft-ietf-dprive-
dnsoquic-07.txt>. dnsoquic-11.txt>.
[RFC7619] Smyslov, V. and P. Wouters, "The NULL Authentication [RFC7619] Smyslov, V. and P. Wouters, "The NULL Authentication
Method in the Internet Key Exchange Protocol Version 2 Method in the Internet Key Exchange Protocol Version 2
(IKEv2)", RFC 7619, DOI 10.17487/RFC7619, August 2015, (IKEv2)", RFC 7619, DOI 10.17487/RFC7619, August 2015,
<https://www.rfc-editor.org/info/rfc7619>. <https://www.rfc-editor.org/info/rfc7619>.
[RFC7671] Dukhovni, V. and W. Hardaker, "The DNS-Based [RFC7671] Dukhovni, V. and W. Hardaker, "The DNS-Based
Authentication of Named Entities (DANE) Protocol: Updates Authentication of Named Entities (DANE) Protocol: Updates
and Operational Guidance", RFC 7671, DOI 10.17487/RFC7671, and Operational Guidance", RFC 7671, DOI 10.17487/RFC7671,
October 2015, <https://www.rfc-editor.org/info/rfc7671>. October 2015, <https://www.rfc-editor.org/info/rfc7671>.
 End of changes. 22 change blocks. 
36 lines changed or deleted 44 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/