| draft-ietf-hip-rfc5202-bis-04.txt | draft-ietf-hip-rfc5202-bis-05.txt | |||
|---|---|---|---|---|
| Network Working Group P. Jokela | Network Working Group P. Jokela | |||
| Internet-Draft Ericsson Research NomadicLab | Internet-Draft Ericsson Research NomadicLab | |||
| Obsoletes: 5202 (if approved) R. Moskowitz | Obsoletes: 5202 (if approved) R. Moskowitz | |||
| Intended status: Standards Track ICSAlabs, An Independent | Intended status: Standards Track ICSAlabs, An Independent | |||
| Expires: March 8, 2014 Division of Verizon Business | Expires: May 22, 2014 Division of Verizon Business | |||
| Systems | Systems | |||
| J. Melen | J. Melen | |||
| Ericsson Research NomadicLab | Ericsson Research NomadicLab | |||
| September 4, 2013 | November 18, 2013 | |||
| Using the Encapsulating Security Payload (ESP) Transport Format with the | Using the Encapsulating Security Payload (ESP) Transport Format with the | |||
| Host Identity Protocol (HIP) | Host Identity Protocol (HIP) | |||
| draft-ietf-hip-rfc5202-bis-04 | draft-ietf-hip-rfc5202-bis-05 | |||
| Abstract | Abstract | |||
| This memo specifies an Encapsulated Security Payload (ESP) based | This memo specifies an Encapsulated Security Payload (ESP) based | |||
| mechanism for transmission of user data packets, to be used with the | mechanism for transmission of user data packets, to be used with the | |||
| Host Identity Protocol (HIP). This document obsoletes RFC 5202. | Host Identity Protocol (HIP). This document obsoletes RFC 5202. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| skipping to change at page 1, line 38 | skipping to change at page 1, line 38 | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on March 8, 2014. | This Internet-Draft will expire on May 22, 2014. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2013 IETF Trust and the persons identified as the | Copyright (c) 2013 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 45 | skipping to change at page 2, line 45 | |||
| 5.1.1. ESP_INFO . . . . . . . . . . . . . . . . . . . . . . . 13 | 5.1.1. ESP_INFO . . . . . . . . . . . . . . . . . . . . . . . 13 | |||
| 5.1.2. ESP_TRANSFORM . . . . . . . . . . . . . . . . . . . . 15 | 5.1.2. ESP_TRANSFORM . . . . . . . . . . . . . . . . . . . . 15 | |||
| 5.1.3. NOTIFICATION Parameter . . . . . . . . . . . . . . . . 16 | 5.1.3. NOTIFICATION Parameter . . . . . . . . . . . . . . . . 16 | |||
| 5.2. HIP ESP Security Association Setup . . . . . . . . . . . . 16 | 5.2. HIP ESP Security Association Setup . . . . . . . . . . . . 16 | |||
| 5.2.1. Setup During Base Exchange . . . . . . . . . . . . . . 16 | 5.2.1. Setup During Base Exchange . . . . . . . . . . . . . . 16 | |||
| 5.3. HIP ESP Rekeying . . . . . . . . . . . . . . . . . . . . . 18 | 5.3. HIP ESP Rekeying . . . . . . . . . . . . . . . . . . . . . 18 | |||
| 5.3.1. Initializing Rekeying . . . . . . . . . . . . . . . . 18 | 5.3.1. Initializing Rekeying . . . . . . . . . . . . . . . . 18 | |||
| 5.3.2. Responding to the Rekeying Initialization . . . . . . 19 | 5.3.2. Responding to the Rekeying Initialization . . . . . . 19 | |||
| 5.4. ICMP Messages . . . . . . . . . . . . . . . . . . . . . . 19 | 5.4. ICMP Messages . . . . . . . . . . . . . . . . . . . . . . 19 | |||
| 5.4.1. Unknown SPI . . . . . . . . . . . . . . . . . . . . . 19 | 5.4.1. Unknown SPI . . . . . . . . . . . . . . . . . . . . . 19 | |||
| 6. Packet Processing . . . . . . . . . . . . . . . . . . . . . . 19 | 6. Packet Processing . . . . . . . . . . . . . . . . . . . . . . 20 | |||
| 6.1. Processing Outgoing Application Data . . . . . . . . . . . 20 | 6.1. Processing Outgoing Application Data . . . . . . . . . . . 20 | |||
| 6.2. Processing Incoming Application Data . . . . . . . . . . . 20 | 6.2. Processing Incoming Application Data . . . . . . . . . . . 20 | |||
| 6.3. HMAC and SIGNATURE Calculation and Verification . . . . . 21 | 6.3. HMAC and SIGNATURE Calculation and Verification . . . . . 21 | |||
| 6.4. Processing Incoming ESP SA Initialization (R1) . . . . . . 21 | 6.4. Processing Incoming ESP SA Initialization (R1) . . . . . . 21 | |||
| 6.5. Processing Incoming Initialization Reply (I2) . . . . . . 21 | 6.5. Processing Incoming Initialization Reply (I2) . . . . . . 22 | |||
| 6.6. Processing Incoming ESP SA Setup Finalization (R2) . . . . 22 | 6.6. Processing Incoming ESP SA Setup Finalization (R2) . . . . 22 | |||
| 6.7. Dropping HIP Associations . . . . . . . . . . . . . . . . 22 | 6.7. Dropping HIP Associations . . . . . . . . . . . . . . . . 22 | |||
| 6.8. Initiating ESP SA Rekeying . . . . . . . . . . . . . . . . 22 | 6.8. Initiating ESP SA Rekeying . . . . . . . . . . . . . . . . 22 | |||
| 6.9. Processing Incoming UPDATE Packets . . . . . . . . . . . . 24 | 6.9. Processing Incoming UPDATE Packets . . . . . . . . . . . . 24 | |||
| 6.9.1. Processing UPDATE Packet: No Outstanding Rekeying | 6.9.1. Processing UPDATE Packet: No Outstanding Rekeying | |||
| Request . . . . . . . . . . . . . . . . . . . . . . . 24 | Request . . . . . . . . . . . . . . . . . . . . . . . 24 | |||
| 6.10. Finalizing Rekeying . . . . . . . . . . . . . . . . . . . 25 | 6.10. Finalizing Rekeying . . . . . . . . . . . . . . . . . . . 25 | |||
| 6.11. Processing NOTIFY Packets . . . . . . . . . . . . . . . . 26 | 6.11. Processing NOTIFY Packets . . . . . . . . . . . . . . . . 26 | |||
| 7. Keying Material . . . . . . . . . . . . . . . . . . . . . . . 26 | 7. Keying Material . . . . . . . . . . . . . . . . . . . . . . . 26 | |||
| 8. Security Considerations . . . . . . . . . . . . . . . . . . . 26 | 8. Security Considerations . . . . . . . . . . . . . . . . . . . 26 | |||
| 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 27 | 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 27 | |||
| 10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 27 | 10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 27 | |||
| 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 28 | 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 28 | |||
| 11.1. Normative references . . . . . . . . . . . . . . . . . . . 28 | 11.1. Normative references . . . . . . . . . . . . . . . . . . . 28 | |||
| 11.2. Informative references . . . . . . . . . . . . . . . . . . 28 | 11.2. Informative references . . . . . . . . . . . . . . . . . . 29 | |||
| Appendix A. A Note on Implementation Options . . . . . . . . . . 29 | Appendix A. A Note on Implementation Options . . . . . . . . . . 30 | |||
| Appendix B. Bound End-to-End Tunnel mode for ESP . . . . . . . . 30 | Appendix B. Bound End-to-End Tunnel mode for ESP . . . . . . . . 30 | |||
| B.1. Protocol definition . . . . . . . . . . . . . . . . . . . 30 | B.1. Protocol definition . . . . . . . . . . . . . . . . . . . 31 | |||
| B.1.1. Changes to Security Association data structures . . . 30 | B.1.1. Changes to Security Association data structures . . . 31 | |||
| B.1.2. Packet format . . . . . . . . . . . . . . . . . . . . 31 | B.1.2. Packet format . . . . . . . . . . . . . . . . . . . . 31 | |||
| B.1.3. Cryptographic processing . . . . . . . . . . . . . . . 33 | B.1.3. Cryptographic processing . . . . . . . . . . . . . . . 33 | |||
| B.1.4. IP header processing . . . . . . . . . . . . . . . . . 33 | B.1.4. IP header processing . . . . . . . . . . . . . . . . . 33 | |||
| B.1.5. Handling of outgoing packets . . . . . . . . . . . . . 33 | B.1.5. Handling of outgoing packets . . . . . . . . . . . . . 34 | |||
| B.1.6. Handling of incoming packets . . . . . . . . . . . . . 34 | B.1.6. Handling of incoming packets . . . . . . . . . . . . . 35 | |||
| B.1.7. IPv4 options handling . . . . . . . . . . . . . . . . 35 | B.1.7. IPv4 options handling . . . . . . . . . . . . . . . . 35 | |||
| 1. Introduction | 1. Introduction | |||
| In the Host Identity Protocol Architecture | In the Host Identity Protocol Architecture | |||
| [I-D.ietf-hip-rfc4423-bis], hosts are identified with public keys. | [I-D.ietf-hip-rfc4423-bis], hosts are identified with public keys. | |||
| The Host Identity Protocol [I-D.ietf-hip-rfc5201-bis] base exchange | The Host Identity Protocol [I-D.ietf-hip-rfc5201-bis] base exchange | |||
| allows any two HIP-supporting hosts to authenticate each other and to | allows any two HIP-supporting hosts to authenticate each other and to | |||
| create a HIP association between themselves. During the base | create a HIP association between themselves. During the base | |||
| exchange, the hosts generate a piece of shared keying material using | exchange, the hosts generate a piece of shared keying material using | |||
| skipping to change at page 15, line 48 | skipping to change at page 15, line 48 | |||
| DEPRECATED 4 | DEPRECATED 4 | |||
| DEPRECATED 5 | DEPRECATED 5 | |||
| DEPRECATED 6 | DEPRECATED 6 | |||
| NULL-ENCRYPT with HMAC-SHA-256 7 [RFC2410], [RFC4868] | NULL-ENCRYPT with HMAC-SHA-256 7 [RFC2410], [RFC4868] | |||
| AES-128-CBC with HMAC-SHA-256 8 [RFC3602], [RFC4868] | AES-128-CBC with HMAC-SHA-256 8 [RFC3602], [RFC4868] | |||
| AES-256-CBC with HMAC-SHA-256 9 [RFC3602], [RFC4868] | AES-256-CBC with HMAC-SHA-256 9 [RFC3602], [RFC4868] | |||
| AES-CCM-8 10 [RFC4309] | AES-CCM-8 10 [RFC4309] | |||
| AES-CCM-16 11 [RFC4309] | AES-CCM-16 11 [RFC4309] | |||
| AES-GCM with a 8 octet ICV 12 [RFC4106] | AES-GCM with a 8 octet ICV 12 [RFC4106] | |||
| AES-GCM with a 16 octet ICV 13 [RFC4106] | AES-GCM with a 16 octet ICV 13 [RFC4106] | |||
| AES-CMAC-96 14 [RFC4493], [RFC4494] | ||||
| AES-GMAC 15 [RFC4543] | ||||
| The sender of an ESP transform parameter MUST make sure that there | The sender of an ESP transform parameter MUST make sure that there | |||
| are no more than six (6) Suite IDs in one ESP transform parameter. | are no more than six (6) Suite IDs in one ESP transform parameter. | |||
| Conversely, a recipient MUST be prepared to handle received transform | Conversely, a recipient MUST be prepared to handle received transform | |||
| parameters that contain more than six Suite IDs. The limited number | parameters that contain more than six Suite IDs. The limited number | |||
| of Suite IDs sets the maximum size of the ESP_TRANSFORM parameter. | of Suite IDs sets the maximum size of the ESP_TRANSFORM parameter. | |||
| As the default configuration, the ESP_TRANSFORM parameter MUST | As the default configuration, the ESP_TRANSFORM parameter MUST | |||
| contain at least one of the mandatory Suite IDs. There MAY be a | contain at least one of the mandatory Suite IDs. There MAY be a | |||
| configuration option that allows the administrator to override this | configuration option that allows the administrator to override this | |||
| default. | default. | |||
| Mandatory implementations: AES-128-CBC with HMAC-SHA-256 and NULL | Mandatory implementations: AES-128-CBC with HMAC-SHA-256 and NULL | |||
| with HMAC-SHA-256. | with HMAC-SHA-256. | |||
| skipping to change at page 28, line 12 | skipping to change at page 28, line 20 | |||
| also valid for this document. Many people have given valuable | also valid for this document. Many people have given valuable | |||
| feedback, and our apologies to anyone whose name is missing. | feedback, and our apologies to anyone whose name is missing. | |||
| 11. References | 11. References | |||
| 11.1. Normative references | 11.1. Normative references | |||
| [I-D.ietf-hip-rfc5201-bis] Moskowitz, R., Heer, T., Jokela, P., and | [I-D.ietf-hip-rfc5201-bis] Moskowitz, R., Heer, T., Jokela, P., and | |||
| T. Henderson, "Host Identity Protocol | T. Henderson, "Host Identity Protocol | |||
| Version 2 (HIPv2)", | Version 2 (HIPv2)", | |||
| draft-ietf-hip-rfc5201-bis-12 (work in | draft-ietf-hip-rfc5201-bis-14 (work in | |||
| progress), June 2013. | progress), October 2013. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs | [RFC2119] Bradner, S., "Key words for use in RFCs | |||
| to Indicate Requirement Levels", BCP 14, | to Indicate Requirement Levels", BCP 14, | |||
| RFC 2119, March 1997. | RFC 2119, March 1997. | |||
| [RFC2404] Madson, C. and R. Glenn, "The Use of | [RFC2404] Madson, C. and R. Glenn, "The Use of | |||
| HMAC-SHA-1-96 within ESP and AH", | HMAC-SHA-1-96 within ESP and AH", | |||
| RFC 2404, November 1998. | RFC 2404, November 1998. | |||
| [RFC2410] Glenn, R. and S. Kent, "The NULL | [RFC2410] Glenn, R. and S. Kent, "The NULL | |||
| skipping to change at page 28, line 44 | skipping to change at page 29, line 5 | |||
| RFC 4106, June 2005. | RFC 4106, June 2005. | |||
| [RFC4303] Kent, S., "IP Encapsulating Security | [RFC4303] Kent, S., "IP Encapsulating Security | |||
| Payload (ESP)", RFC 4303, December 2005. | Payload (ESP)", RFC 4303, December 2005. | |||
| [RFC4309] Housley, R., "Using Advanced Encryption | [RFC4309] Housley, R., "Using Advanced Encryption | |||
| Standard (AES) CCM Mode with IPsec | Standard (AES) CCM Mode with IPsec | |||
| Encapsulating Security Payload (ESP)", | Encapsulating Security Payload (ESP)", | |||
| RFC 4309, December 2005. | RFC 4309, December 2005. | |||
| [RFC4493] Song, JH., Poovendran, R., Lee, J., and | ||||
| T. Iwata, "The AES-CMAC Algorithm", | ||||
| RFC 4493, June 2006. | ||||
| [RFC4494] Song, JH., Poovendran, R., and J. Lee, | ||||
| "The AES-CMAC-96 Algorithm and Its Use | ||||
| with IPsec", RFC 4494, June 2006. | ||||
| [RFC4543] McGrew, D. and J. Viega, "The Use of | ||||
| Galois Message Authentication Code (GMAC) | ||||
| in IPsec ESP and AH", RFC 4543, May 2006. | ||||
| [RFC4868] Kelly, S. and S. Frankel, "Using HMAC- | [RFC4868] Kelly, S. and S. Frankel, "Using HMAC- | |||
| SHA-256, HMAC-SHA-384, and HMAC-SHA-512 | SHA-256, HMAC-SHA-384, and HMAC-SHA-512 | |||
| with IPsec", RFC 4868, May 2007. | with IPsec", RFC 4868, May 2007. | |||
| 11.2. Informative references | 11.2. Informative references | |||
| [I-D.ietf-hip-rfc4423-bis] Moskowitz, R., "Host Identity Protocol | [I-D.ietf-hip-rfc4423-bis] Moskowitz, R. and M. Komu, "Host Identity | |||
| Architecture", | Protocol Architecture", | |||
| draft-ietf-hip-rfc4423-bis-05 (work in | draft-ietf-hip-rfc4423-bis-06 (work in | |||
| progress), September 2012. | progress), November 2013. | |||
| [RFC0791] Postel, J., "Internet Protocol", STD 5, | [RFC0791] Postel, J., "Internet Protocol", STD 5, | |||
| RFC 791, September 1981. | RFC 791, September 1981. | |||
| [RFC4301] Kent, S. and K. Seo, "Security | [RFC4301] Kent, S. and K. Seo, "Security | |||
| Architecture for the Internet Protocol", | Architecture for the Internet Protocol", | |||
| RFC 4301, December 2005. | RFC 4301, December 2005. | |||
| [RFC5206] Henderson, T., Ed., "End-Host Mobility | [RFC5206] Henderson, T., Ed., "End-Host Mobility | |||
| and Multihoming with the Host Identity | and Multihoming with the Host Identity | |||
| End of changes. 14 change blocks. | ||||
| 18 lines changed or deleted | 33 lines changed or added | |||
This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||