| draft-ietf-ipsec-rfc2402bis-10.txt | draft-ietf-ipsec-rfc2402bis-11.txt |
|---|---|
| IPsec Working Group S. Kent | IPsec Working Group S. Kent |
| Internet-Draft BBN Technologies | Internet-Draft BBN Technologies |
| draft-ietf-ipsec-rfc2402bis-10.txt December 2004 | draft-ietf-ipsec-rfc2402bis-11.txt March 2005 |
| Obsoletes: RFC 2402 | Obsoletes: RFC 2402 |
| Expires June 2005 | Expires September 2005 |
| IP Authentication Header | IP Authentication Header |
| draft-ietf-ipsec-rfc2402bis-10.txt | draft-ietf-ipsec-rfc2402bis-11.txt |
| Status of This Memo | Status of This Memo |
| By submitting this Internet-Draft, I certify that any applicable | By submitting this Internet-Draft, I certify that any applicable |
| patent or other IPR claims of which I am aware have been disclosed, | patent or other IPR claims of which I am aware have been disclosed, |
| and any of which I become aware will be disclosed, in accordance with | and any of which I become aware will be disclosed, in accordance with |
| RFC 3668. | RFC 3668. |
| This document is an Internet-Draft and is subject to all provisions | This document is an Internet-Draft and is subject to all provisions |
| of Section 10 of RFC2026. Internet-Drafts are working documents of | of Section 10 of RFC2026. Internet-Drafts are working documents of |
| skipping to change at page 1, line 35 | skipping to change at page 1, line 34 |
| obsoleted by other documents at any time. It is inappropriate to use | obsoleted by other documents at any time. It is inappropriate to use |
| Internet-Drafts as reference material or to cite them other than as a | Internet-Drafts as reference material or to cite them other than as a |
| "work in progress". | "work in progress". |
| The list of current Internet-Drafts can be accessed at | The list of current Internet-Drafts can be accessed at |
| http://www.ietf.org/lid-abstracts.html | http://www.ietf.org/lid-abstracts.html |
| The list of Internet-Draft Shadow Directories can be accessed at | The list of Internet-Draft Shadow Directories can be accessed at |
| http://www.ietf.org/shadow.html | http://www.ietf.org/shadow.html |
| Copyright (C) The Internet Society (2004). This document is subject | Copyright (C) The Internet Society (2005). This document is subject |
| to the rights, licenses and restrictions contained in BCP 78, and | to the rights, licenses and restrictions contained in BCP 78, and |
| except as set forth therein, the authors retain all their rights. | except as set forth therein, the authors retain all their rights. |
| Abstract | Abstract |
| This document describes an updated version of the IP Authentication | This document describes an updated version of the IP Authentication |
| Header (AH), which is designed to provide authentication services in | Header (AH), which is designed to provide authentication services in |
| IPv4 and IPv6. This document obsoletes RFC 2402 (November 1998). | IPv4 and IPv6. This document obsoletes RFC 2402 (November 1998). |
| Table of Contents | Table of Contents |
| 1. Introduction.......................................................3 | 1. Introduction.......................................................3 |
| 2. Authentication Header Format.......................................4 | 2. Authentication Header Format.......................................4 |
| 2.1 Next Header...................................................5 | 2.1 Next Header...................................................5 |
| 2.2 Payload Length................................................5 | 2.2 Payload Length................................................5 |
| 2.3 Reserved......................................................6 | 2.3 Reserved......................................................5 |
| 2.4 Security Parameters Index (SPI)...............................6 | 2.4 Security Parameters Index (SPI)...............................6 |
| 2.5 Sequence Number...............................................8 | 2.5 Sequence Number...............................................7 |
| 2.5.1 Extended (64-bit) Sequence Number........................8 | 2.5.1 Extended (64-bit) Sequence Number........................8 |
| 2.6 Integrity Check Value (ICV) ..................................9 | 2.6 Integrity Check Value (ICV) ..................................8 |
| 3. Authentication Header Processing...................................9 | 3. Authentication Header Processing...................................9 |
| 3.1 Authentication Header Location...............................9 | 3.1 Authentication Header Location...............................9 |
| 3.1.1 Transport Mode..........................................9 | 3.1.1 Transport Mode..........................................9 |
| 3.1.2 Tunnel Mode............................................10 | 3.1.2 Tunnel Mode............................................10 |
| 3.2 Integrity Algorithms........................................11 | 3.2 Integrity Algorithms........................................11 |
| 3.3 Outbound Packet Processing..................................11 | 3.3 Outbound Packet Processing..................................11 |
| 3.3.1 Security Association Lookup............................11 | 3.3.1 Security Association Lookup............................11 |
| 3.3.2 Sequence Number Generation.............................12 | 3.3.2 Sequence Number Generation.............................12 |
| 3.3.3 Integrity Check Value Calculation......................12 | 3.3.3 Integrity Check Value Calculation......................13 |
| 3.3.3.1 Handling Mutable Fields...........................13 | 3.3.3.1 Handling Mutable Fields...........................13 |
| 3.3.3.1.1 ICV Computation for IPv4.....................13 | 3.3.3.1.1 ICV Computation for IPv4.....................13 |
| 3.3.3.1.1.1 Base Header Fields.......................13 | 3.3.3.1.1.1 Base Header Fields.......................13 |
| 3.3.3.1.1.2 Options..................................14 | 3.3.3.1.1.2 Options..................................14 |
| 3.3.3.1.2 ICV Computation for IPv6.....................14 | 3.3.3.1.2 ICV Computation for IPv6.....................15 |
| 3.3.3.1.2.1 Base Header Fields.......................14 | 3.3.3.1.2.1 Base Header Fields.......................15 |
| 3.3.3.1.2.2 Extension Headers Containing Options.....15 | 3.3.3.1.2.2 Extension Headers Containing Options.....15 |
| 3.3.3.1.2.3 Extension Headers Not Containing Options.15 | 3.3.3.1.2.3 Extension Headers Not Containing Options.15 |
| 3.3.3.2 Padding & Extended Sequence Numbers...............15 | 3.3.3.2 Padding & Extended Sequence Numbers...............16 |
| 3.3.3.2.1 ICV Padding..................................15 | 3.3.3.2.1 ICV Padding..................................16 |
| 3.3.3.2.2 Implicit Packet Padding & ESN................16 | 3.3.3.2.2 Implicit Packet Padding & ESN................16 |
| 3.3.4 Fragmentation..........................................16 | 3.3.4 Fragmentation..........................................17 |
| 3.4 Inbound Packet Processing...................................17 | 3.4 Inbound Packet Processing...................................17 |
| 3.4.1 Reassembly.............................................17 | 3.4.1 Reassembly.............................................18 |
| 3.4.2 Security Association Lookup............................18 | 3.4.2 Security Association Lookup............................18 |
| 3.4.3 Sequence Number Verification...........................18 | 3.4.3 Sequence Number Verification...........................18 |
| 3.4.4 Integrity Check Value Verification.....................20 | 3.4.4 Integrity Check Value Verification.....................20 |
| 4. Auditing..........................................................20 | 4. Auditing..........................................................21 |
| 5. Conformance Requirements..........................................21 | 5. Conformance Requirements..........................................21 |
| 6. Security Considerations...........................................21 | 6. Security Considerations...........................................21 |
| 7. Differences from RFC 2402.........................................21 | 7. Differences from RFC 2402.........................................22 |
| Acknowledgements.....................................................22 | Acknowledgements.....................................................22 |
| References...........................................................22 | References...........................................................22 |
| Author Information...................................................22 | Author Information...................................................24 |
| Appendix A -- Mutability of IP Options/Extension Headers.............24 | Appendix A -- Mutability of IP Options/Extension Headers.............25 |
| A1. IPv4 Options.................................................24 | A1. IPv4 Options.................................................25 |
| A2. IPv6 Extension Headers.......................................25 | A2. IPv6 Extension Headers.......................................26 |
| Appendix B -- Extended (64-bit) Sequence Numbers.....................27 | Appendix B -- Extended (64-bit) Sequence Numbers.....................28 |
| Notices..............................................................33 | Notices..............................................................34 |
| 1. Introduction | 1. Introduction |
| This document assumes that the reader is familiar with the terms and | This document assumes that the reader is familiar with the terms and |
| concepts described in the "Security Architecture for the Internet | concepts described in the "Security Architecture for the Internet |
| Protocol" [Ken-Arch], hereafter referred to as the Security | Protocol" [Ken-Arch], hereafter referred to as the Security |
| Architecture document. In particular, the reader should be familiar | Architecture document. In particular, the reader should be familiar |
| with the definitions of security services offered by the | with the definitions of security services offered by the |
| Encapsulating Security Payload (ESP) [Ken-ESP]and the IP | Encapsulating Security Payload (ESP) [Ken-ESP] and the IP |
| Authentication Header (AH) [Ken-AH], the concept of Security | Authentication Header (AH), the concept of Security Associations, the |
| Associations, the ways in which ESP can be used in conjunction with | ways in which ESP can be used in conjunction with the Authentication |
| the Authentication Header (AH), and the different key management | Header (AH), and the different key management options available for |
| options available for ESP and AH. | ESP and AH. |
| The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD, | The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD, |
| SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear in this | SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear in this |
| document, are to be interpreted as described in RFC 2119 [Bra97]. | document, are to be interpreted as described in RFC 2119 [Bra97]. |
| The IP Authentication Header (AH) is used to provide connectionless | The IP Authentication Header (AH) is used to provide connectionless |
| integrity and data origin authentication for IP datagrams (hereafter | integrity and data origin authentication for IP datagrams (hereafter |
| referred to as just "integrity"), and to provide protection against | referred to as just "integrity"), and to provide protection against |
| replays. This latter, optional service may be selected, by the | replays. This latter, optional service may be selected, by the |
| receiver, when a Security Association is established. (The protocol | receiver, when a Security Association is established. (The protocol |
| skipping to change at page 12, line 42 | skipping to change at page 12, line 42 |
| counter and when it reaches the maximum value, the counter rolls over | counter and when it reaches the maximum value, the counter rolls over |
| back to zero. (This behavior is recommended for multi-sender, | back to zero. (This behavior is recommended for multi-sender, |
| multicast SAs, unless anti-replay mechanisms outside the scope of | multicast SAs, unless anti-replay mechanisms outside the scope of |
| this standard are negotiated between the sender and receiver.) | this standard are negotiated between the sender and receiver.) |
| If ESN (see Appendix B) is selected, only the low order 32 bits of | If ESN (see Appendix B) is selected, only the low order 32 bits of |
| the Sequence Number are transmitted in the Sequence Number field, | the Sequence Number are transmitted in the Sequence Number field, |
| although both sender and receiver maintain full 64-bit ESN counters. | although both sender and receiver maintain full 64-bit ESN counters. |
| However, the high order 32 bits are included in the ICV calculation. | However, the high order 32 bits are included in the ICV calculation. |
| | Note: If a receiver chooses to not enable anti-replay for an SA, then |
| | the receiver SHOULD NOT negotiate ESN in an SA management protocol. |
| | Use of ESN creates a need for the receiver to manage the anti-replay |
| | window (in order to determine the correct value for the high order |
| | bits of the ESN, which are employed in the ICV computation), which is |
| | generally contrary to the notion of disabling anti-replay for an SA. |
| 3.3.3 Integrity Check Value Calculation | 3.3.3 Integrity Check Value Calculation |
| The AH ICV is computed over: | The AH ICV is computed over: |
| o IP or extension header fields before the AH header that are | o IP or extension header fields before the AH header that are |
| either immutable in transit or that are predictable in value | either immutable in transit or that are predictable in value |
| upon arrival at the endpoint for the AH SA | upon arrival at the endpoint for the AH SA |
| o the AH header (Next Header, Payload Len, Reserved, SPI, | o the AH header (Next Header, Payload Len, Reserved, SPI, |
| Sequence Number (low order 32 bits), and the Integrity Check | Sequence Number (low order 32 bits), and the Integrity Check |
| Value (which is set to zero for this computation), and | Value (which is set to zero for this computation), and |
| explicit padding bytes (if any)) | explicit padding bytes (if any)) |
| skipping to change at page 23, line 14 | skipping to change at page 23, line 25 |
| Informative | Informative |
| [HC03] Holbrook, H., and Cain, B., "Source Specific Multicast for | [HC03] Holbrook, H., and Cain, B., "Source Specific Multicast for |
| IP", Internet-Draft, draft-ietf-ssm-arch-01.txt, November | IP", Internet-Draft, draft-ietf-ssm-arch-01.txt, November |
| 3, 2002. | 3, 2002. |
| [HC98] Harkins, D., and D. Carrel, "The Internet Key Exchange | [HC98] Harkins, D., and D. Carrel, "The Internet Key Exchange |
| (IKE)", RFC 2409, November 1998. | (IKE)", RFC 2409, November 1998. |
| [Ken-AH] Kent, S., "IP Authentication Header (AH)", RFC ???, ??? | |
| 200?. | |
| [RFC Editor: Please update the reference [Ken-AH] "IP | |
| Authentication Header" (draft-ietf-ipsec-rfc2402bis-10.txt) | |
| with the RFC number and month when it is issued.] | |
| [Ken-ESP] Kent, S., "IP Encapsulating Security Payload (ESP)", RFC | [Ken-ESP] Kent, S., "IP Encapsulating Security Payload (ESP)", RFC |
| ???, ???? 200?. | ???, ???? 200?. |
| [RFC Editor: Please update the reference [Ken-ESP] "IP | [RFC Editor: Please update the reference [Ken-ESP] "IP |
| Encapsulating Security Payload (ESP)" (draft-ietf-ipsec- | Encapsulating Security Payload (ESP)" (draft-ietf-ipsec- |
| esp-v3-09.txt) with the RFC number and month when it is | esp-v3-09.txt) with the RFC number and month when it is |
| issued.] | issued.] |
| [NBBB98] Nichols, K., Blake, S., Baker, F., Black, D., "Definition | [NBBB98] Nichols, K., Blake, S., Baker, F., Black, D., "Definition |
| of the Differentiated Services Field (DS Field) in the IPv4 | of the Differentiated Services Field (DS Field) in the IPv4 |
| skipping to change at page 33, line 27 | skipping to change at page 34, line 27 |
| obtain a general license or permission for the use of such | obtain a general license or permission for the use of such |
| proprietary rights by implementers or users of this specification can | proprietary rights by implementers or users of this specification can |
| be obtained from the IETF Secretariat. | be obtained from the IETF Secretariat. |
| The IETF invites any interested party to bring to its attention any | The IETF invites any interested party to bring to its attention any |
| copyrights, patents or patent applications, or other proprietary | copyrights, patents or patent applications, or other proprietary |
| rights which may cover technology that may be required to practice | rights which may cover technology that may be required to practice |
| this standard. Please address the information to the IETF Executive | this standard. Please address the information to the IETF Executive |
| Director. | Director. |
| Copyright (C) The Internet Society (2004). This document is subject | Copyright (C) The Internet Society (2005). This document is subject |
| to the rights, licenses and restrictions contained in BCP 78, and | to the rights, licenses and restrictions contained in BCP 78, and |
| except as set forth therein, the authors retain all their rights. | except as set forth therein, the authors retain all their rights. |
| This document is subject to the rights, licenses and restrictions | This document is subject to the rights, licenses and restrictions |
| contained in BCP 78, and except as set forth therein, the authors | contained in BCP 78, and except as set forth therein, the authors |
| retain all their rights. | retain all their rights. |
| This document and translations of it may be copied and furnished to | This document and translations of it may be copied and furnished to |
| others, and derivative works that comment on or otherwise explain it | others, and derivative works that comment on or otherwise explain it |
| or assist in its implementation may be prepared, copied, published | or assist in its implementation may be prepared, copied, published |
| skipping to change at page 34, line 13 | skipping to change at page 35, line 13 |
| revoked by the Internet Society or its successors or assigns. | revoked by the Internet Society or its successors or assigns. |
| This document and the information contained herein are provided on an | This document and the information contained herein are provided on an |
| "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS | "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS |
| OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET | OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET |
| ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, | ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, |
| INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE | INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE |
| INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED | INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED |
| WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. | WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. |
| Expires June 2005 | Expires September 2005 |
| End of changes. 21 change blocks. | |
| 36 lines changed or deleted | 35 lines changed or added |

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/
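The two technical passages in the diff above, the ESN note added to 3.3.2 and the ICV coverage list in 3.3.3, describe what a receiver has to do when only the low-order 32 bits of a 64-bit sequence number arrive on the wire. The Python below is an added example, not text or code from either draft: it infers the high-order 32 bits from the anti-replay window (the two-case rule of the draft's Appendix B) and then feeds them into an ICV computation over the fields 3.3.3 lists. HMAC-SHA-256-128 as the integrity algorithm, the 64-packet window used in the checks, and the key and IPv4 header bytes are assumptions or constructed sample data.

```python
"""Receiver-side AH ESN handling: infer the high-order 32 bits, then
verify an ICV that covers them. Added example, not draft text."""
import hashlib
import hmac
import struct

MOD32 = 1 << 32
ICV_LEN = 16  # HMAC-SHA-256-128 (RFC 4868): assumed algorithm for this example

# Constructed sample data: a key and the IPv4 header of an AH (protocol 51)
# datagram with the mutable fields (TOS, flags, TTL, checksum) already zeroed.
KEY = b"\x0b" * 32
IP_FIELDS = bytes.fromhex("450000401234000000330000c0a80101c0a80102")


def esn_high_bits(seql: int, t: int, w: int) -> int:
    """Appendix B rule. seql: 32 bits on the wire; t: 64-bit ESN of the
    highest packet authenticated so far; w: anti-replay window size.
    Returns the inferred high-order bits (Seqh), or -1 when Seql would
    have to lie before sequence number zero, which cannot be valid."""
    th, tl = t >> 32, t & 0xFFFFFFFF
    lower = (tl - w + 1) % MOD32       # left edge of the window, low bits only
    if tl >= w - 1:                    # window lies inside one 2^32 subspace
        return th if seql >= lower else th + 1
    # window straddles a subspace boundary: large Seql values belong to the
    # previous subspace, small ones to the current one
    return th - 1 if seql >= lower else th


def ah_icv(key: bytes, ip_fields: bytes, ah_fixed: bytes,
           payload: bytes, seqh: int) -> bytes:
    """Section 3.3.3: ICV over the immutable/predictable IP fields, the AH
    header with its ICV field zeroed, the payload and, for ESN, the high
    order 32 bits appended implicitly after the payload."""
    data = (ip_fields + ah_fixed + b"\x00" * ICV_LEN + payload
            + struct.pack("!I", seqh))
    return hmac.new(key, data, hashlib.sha256).digest()[:ICV_LEN]


def build_ah(spi: int, seq64: int, key: bytes, ip_fields: bytes,
             payload: bytes, next_header: int = 6) -> bytes:
    """Sender side: Next Header, Payload Len, Reserved, SPI, low-order 32
    bits of the ESN, then the ICV. Payload Len is the AH length in 32-bit
    words minus 2: (12 + 16) / 4 - 2 = 5."""
    fixed = struct.pack("!BBHII", next_header, 5, 0, spi, seq64 & 0xFFFFFFFF)
    return fixed + ah_icv(key, ip_fields, fixed, payload, seq64 >> 32)


def receive(key: bytes, ip_fields: bytes, ah: bytes, payload: bytes,
            t: int, w: int):
    """Receiver side. Returns (accepted, reconstructed 64-bit sequence
    number). The per-packet replay bitmap and advancing t are left out."""
    fixed, icv = ah[:12], ah[12:12 + ICV_LEN]
    seql = struct.unpack("!I", fixed[8:12])[0]
    seqh = esn_high_bits(seql, t, w)
    if seqh < 0:
        return False, None
    seq = (seqh << 32) | seql
    if seq <= t - w:                   # older than the window: drop before crypto
        return False, seq
    expected = ah_icv(key, ip_fields, fixed, payload, seqh)
    return hmac.compare_digest(icv, expected), seq
```

A replayed packet whose low-order bits fall below the window is assigned the next subspace, so its ICV (computed by the sender with the old high-order bits) fails to verify; this is why the note says a receiver that negotiates ESN must keep the window even if it does not want anti-replay.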