| < draft-ietf-ipsecme-ikev1-algo-to-historic-00.txt | draft-ietf-ipsecme-ikev1-algo-to-historic-01.txt > | |||
|---|---|---|---|---|
| Network P. Wouters, Ed. | Network P. Wouters, Ed. | |||
| Internet-Draft No Hats | Internet-Draft Aiven | |||
| Updates: 7296, 8221, 8247 (if approved) 27 April 2021 | Updates: 7296, 8221, 8247 (if approved) 27 June 2021 | |||
| Intended status: Standards Track | Intended status: Standards Track | |||
| Expires: 29 October 2021 | Expires: 29 December 2021 | |||
| Deprecation of IKEv1 and obsoleted algorithms | Deprecation of IKEv1 and obsoleted algorithms | |||
| draft-ietf-ipsecme-ikev1-algo-to-historic-00 | draft-ietf-ipsecme-ikev1-algo-to-historic-01 | |||
| Abstract | Abstract | |||
| Internet Key Exchange version 1 (IKEv1) is deprecated. Accordingly, | Internet Key Exchange version 1 (IKEv1) is deprecated. Accordingly, | |||
| IKEv1 has been moved to Historic status. A number of old algorithms | IKEv1 has been moved to Historic status. A number of old algorithms | |||
| that are associated with IKEv1, and not widely implemented for IKEv2 | that are associated with IKEv1, and not widely implemented for IKEv2 | |||
| are deprecated as well. This document adds a Status column to the | are deprecated as well. This document adds a Status column to the | |||
| IANA IKEv2 Transform Type registries. | IANA IKEv2 Transform Type registries. | |||
| Status of This Memo | Status of This Memo | |||
| skipping to change at page 1, line 35 ¶ | skipping to change at page 1, line 35 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on 29 October 2021. | This Internet-Draft will expire on 29 December 2021. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2021 IETF Trust and the persons identified as the | Copyright (c) 2021 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents (https://trustee.ietf.org/ | |||
| license-info) in effect on the date of publication of this document. | license-info) in effect on the date of publication of this document. | |||
| Please review these documents carefully, as they describe your rights | Please review these documents carefully, as they describe your rights | |||
| skipping to change at page 2, line 11 ¶ | skipping to change at page 2, line 11 ¶ | |||
| extracted from this document must include Simplified BSD License text | extracted from this document must include Simplified BSD License text | |||
| as described in Section 4.e of the Trust Legal Provisions and are | as described in Section 4.e of the Trust Legal Provisions and are | |||
| provided without warranty as described in the Simplified BSD License. | provided without warranty as described in the Simplified BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | |||
| 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 2 | 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 2 | |||
| 3. RFC 2409 to Historic . . . . . . . . . . . . . . . . . . . . 3 | 3. RFC 2409 to Historic . . . . . . . . . . . . . . . . . . . . 3 | |||
| 4. IKEv1 feature equivalents for IKEv2 . . . . . . . . . . . . . 3 | 4. IKEv1 feature equivalents for IKEv2 . . . . . . . . . . . . . 3 | |||
| 4.1. IKEv2 postquantum support . . . . . . . . . . . . . . . . 3 | 4.1. IKEv2 postquantum support . . . . . . . . . . . . . . . . 4 | |||
| 4.2. IKEv2 Labeled IPsec support . . . . . . . . . . . . . . . 4 | 4.2. IKEv2 Labeled IPsec support . . . . . . . . . . . . . . . 4 | |||
| 4.3. IKEv2 Group SA / Multicast support . . . . . . . . . . . 4 | 4.3. IKEv2 Group SA / Multicast support . . . . . . . . . . . 4 | |||
| 5. Deprecating obsolete algorithms . . . . . . . . . . . . . . . 4 | 5. Deprecating obsolete algorithms . . . . . . . . . . . . . . . 4 | |||
| 6. Security Considerations . . . . . . . . . . . . . . . . . . . 4 | 6. Security Considerations . . . . . . . . . . . . . . . . . . . 4 | |||
| 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4 | 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 8. Normative References . . . . . . . . . . . . . . . . . . . . 6 | 8. Normative References . . . . . . . . . . . . . . . . . . . . 6 | |||
| Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 7 | Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 7 | |||
| 1. Introduction | 1. Introduction | |||
| IKEv1 [RFC2409] and its related documents for ISAKMP [RFC2408] and | IKEv1 [RFC2409] and its related documents for ISAKMP [RFC2408] and | |||
| IPsec DOI [RFC2407] were obsoleted by IKEv2 [RFC4306] in December | IPsec DOI [RFC2407] were obsoleted by IKEv2 [RFC4306] in December | |||
| 2005. The latest version of IKEv2 at the time of writing was | 2005. The latest version of IKEv2 at the time of writing was | |||
| published in 2014 in [RFC7296]. The Internet Key Exchange (IKE) | published in 2014 in [RFC7296]. The Internet Key Exchange (IKE) | |||
| version 2 has replaced version 1 over 15 years ago. IKEv2 has now | version 2 has replaced version 1 over 15 years ago. IKEv2 has now | |||
| skipping to change at page 3, line 11 ¶ | skipping to change at page 3, line 11 ¶ | |||
| "OPTIONAL" in this document are to be interpreted as described in BCP | "OPTIONAL" in this document are to be interpreted as described in BCP | |||
| 14 [RFC2119] [RFC8174] when, and only when, they appear in all | 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
| capitals, as shown here. | capitals, as shown here. | |||
| 3. RFC 2409 to Historic | 3. RFC 2409 to Historic | |||
| IKEv1 is deprecated. Systems running IKEv1 should be upgraded and | IKEv1 is deprecated. Systems running IKEv1 should be upgraded and | |||
| reconfigured to run IKEv2. Systems that support IKEv1 but not IKEv2 | reconfigured to run IKEv2. Systems that support IKEv1 but not IKEv2 | |||
| are most likely also unsuitable candidates for continued operation: | are most likely also unsuitable candidates for continued operation: | |||
| * IKEv1 development ceased over a decade ago and no new work will | ||||
| happen. This poses the risk of unmaintained code in an otherwise | ||||
| supported product which can result in security vulnerabilities. | ||||
| * A number of IKEv1 systems have reached their End of Life and | * A number of IKEv1 systems have reached their End of Life and | |||
| therefor will never be patched by the vendor if a vulnerability is | therefor will never be patched by the vendor if a vulnerability is | |||
| found. | found. | |||
| * A number of vendors still provide updates for their equipment that | * There are vendors that still provide updates for their equipment | |||
| supports IKEv1 and IKEv2, but have "frozen" their IKEv1 | that supports IKEv1 and IKEv2, but have "frozen" their IKEv1 | |||
| implementation, and will never make any changes to it. This also | implementation. Such users might not be aware that they are | |||
| results in running unmaintained code and its associated security | running unmaintained code with its associated security risks. | |||
| risks. | ||||
| * IKEv1 systems can be abused for packet amplification attacks, see | * IKEv1 systems can be abused for packet amplification attacks, as | |||
| CVE-2016-5361. | documented in the Security Bulletin CVE-2016-5361. | |||
| * IKEv1 systems most likely do not support modern cryptographic | * Great strides have been made in cryptography since IKEv1 | |||
| algorithms. AES-GCM is only defined for ESP and not IKE, and | development ceased. While some modern cryptographic algorithms | |||
| often not implemented for ESP. And CHACHA20_POLY1305 is not | were added to IKEv1, interoperability concerns mean that the | |||
| defined for IKEv1. Often, IKEv1 is configured with the very weak | defacto algorithms negotiated by IKEv1 will consist of dated or | |||
| Diffie-Hellman Groups 2 and 5 and some implementatipons do not | deprecated algorithms like AES-CBC, SHA1, and Diffie-Hellman | |||
| support any stronger alternatives. | groups 2 and 5. IKEv2 provides state-of-the-art suite of | |||
| cryptographic algorithms that IKEv1 lacks. | ||||
| IKEv2 is a more secure protocol than IKEv1 in every aspect. | IKEv2 is a more secure protocol than IKEv1 in every aspect. | |||
| IKEv1-only systems should be upgraded or replaced by systems | IKEv1-only systems should be upgraded or replaced by systems | |||
| supporting IKEv2. IKEv1 configurations SHOULD NOT be directly | supporting IKEv2. IKEv1 configurations SHOULD NOT be directly | |||
| translated to IKEv2 configurations without updating the cryptographic | translated to IKEv2 configurations without updating the cryptographic | |||
| algorithms used. | algorithms used. | |||
| 4. IKEv1 feature equivalents for IKEv2 | 4. IKEv1 feature equivalents for IKEv2 | |||
| A few notably IKEv1 features are not present in the IKEv2 core | A few notably IKEv1 features are not present in the IKEv2 core | |||
| skipping to change at page 6, line 12 ¶ | skipping to change at page 6, line 25 ¶ | |||
| All entries not mentioned here should receive no value in the new | All entries not mentioned here should receive no value in the new | |||
| Status field. | Status field. | |||
| 8. Normative References | 8. Normative References | |||
| [draft-ietf-ipsecme-g-ikev2] | [draft-ietf-ipsecme-g-ikev2] | |||
| Smyslov, V. and B. Weis, "Group Key Management using | Smyslov, V. and B. Weis, "Group Key Management using | |||
| IKEv2", Work in Progress, Internet-Draft, draft-ietf- | IKEv2", Work in Progress, Internet-Draft, draft-ietf- | |||
| ipsecme-labeled-ipsec, 11 January 2021, | ipsecme-labeled-ipsec, 11 January 2021, | |||
| <https://tools.ietf.org/id/draft-ietf-ipsecme-labeled- | <https://tools.ietf.org/id/draft-ietf-ipsecme-labeled- | |||
| ipsec-01.txt>. | ipsec-02.txt>. | |||
| [draft-ietf-ipsecme-labeled-ipsec] | [draft-ietf-ipsecme-labeled-ipsec] | |||
| Wouters, P. and S. Prasad, "Labeled IPsec Traffic Selector | Wouters, P. and S. Prasad, "Labeled IPsec Traffic Selector | |||
| support for IKEv2", Work in Progress, Internet-Draft, | support for IKEv2", Work in Progress, Internet-Draft, | |||
| draft-ietf-ipsecme-labeled-ipsec, 30 October 2020, | draft-ietf-ipsecme-labeled-ipsec, 4 May 2021, | |||
| <https://tools.ietf.org/id/draft-ietf-ipsecme-labeled- | <https://tools.ietf.org/id/draft-ietf-ipsecme-labeled- | |||
| ipsec-01.txt>. | ipsec-05.txt>. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC2407] Piper, D., "The Internet IP Security Domain of | [RFC2407] Piper, D., "The Internet IP Security Domain of | |||
| Interpretation for ISAKMP", RFC 2407, | Interpretation for ISAKMP", RFC 2407, | |||
| DOI 10.17487/RFC2407, November 1998, | DOI 10.17487/RFC2407, November 1998, | |||
| <https://www.rfc-editor.org/info/rfc2407>. | <https://www.rfc-editor.org/info/rfc2407>. | |||
| skipping to change at page 7, line 38 ¶ | skipping to change at page 7, line 51 ¶ | |||
| [RFC8784] Fluhrer, S., Kampanakis, P., McGrew, D., and V. Smyslov, | [RFC8784] Fluhrer, S., Kampanakis, P., McGrew, D., and V. Smyslov, | |||
| "Mixing Preshared Keys in the Internet Key Exchange | "Mixing Preshared Keys in the Internet Key Exchange | |||
| Protocol Version 2 (IKEv2) for Post-quantum Security", | Protocol Version 2 (IKEv2) for Post-quantum Security", | |||
| RFC 8784, DOI 10.17487/RFC8784, June 2020, | RFC 8784, DOI 10.17487/RFC8784, June 2020, | |||
| <https://www.rfc-editor.org/info/rfc8784>. | <https://www.rfc-editor.org/info/rfc8784>. | |||
| Author's Address | Author's Address | |||
| Paul Wouters (editor) | Paul Wouters (editor) | |||
| No Hats | Aiven | |||
| Email: paul@nohats.ca | Email: paul@nohats.ca | |||
| End of changes. 14 change blocks. | ||||
| 25 lines changed or deleted | 28 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||