[netbsd-mini2440.git] / crypto / dist / ipsec-tools / src / racoon / rfc / draft-dukes-ike-mode-cfg-02.txt
| blob | 8778dcebdfdfc912da8a5af45e128ac90672bf21 |
4 INTERNET-DRAFT D. Dukes
5 Expires March 2002 R. Pereira
6 Document: <draft-dukes-ike-mode-cfg-02.txt> Cisco Systems
7 September 2001
10 The ISAKMP Configuration Method
11 <draft-dukes-ike-mode-cfg-02.txt>
15 Status of this Memo
17 This document is an Internet-Draft and is in full conformance with
18 all provisions of Section 10 of RFC2026 [1].
20 Internet-Drafts are working documents of the Internet Engineering
21 Task Force (IETF), its areas, and its working groups. Note that
22 other groups may also distribute working documents as Internet-
23 Drafts. Internet-Drafts are draft documents valid for a maximum of
24 six months and may be updated, replaced, or obsoleted by other
25 documents at any time. It is inappropriate to use Internet- Drafts
26 as reference material or to cite them other than as "work in
27 progress."
28 The list of current Internet-Drafts can be accessed at
29 http://www.ietf.org/ietf/1id-abstracts.txt
30 The list of Internet-Draft Shadow Directories can be accessed at
31 http://www.ietf.org/shadow.html.
34 Abstract
36 This document describes a new ISAKMP method that allows
37 configuration items to be exchanged securely by using both
38 push/acknowledge or request/reply paradigms.
40 The authors currently intend this document to be published as an
41 Informational RFC, not a standards-track document, so that the many
42 IPsec implementations that have implemented to earlier drafts of
43 this protocol can have a single stable reference.
45 Comments regarding this draft should be sent to ietf-mode-
46 cfg@vpnc.org or to the authors.
49 Conventions used in this document
51 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
52 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in
53 this document are to be interpreted as described in RFC-2119 [2].
59 Dukes, Pereira 1
60 \f
61 The ISAKMP Configuration Method September 2001
65 Table of Contents
66 1. Introduction....................................................3
67 1.1. Changes since last revision...................................3
68 1.2. Reader Prerequisites..........................................3
69 2. Configuration Transaction.......................................3
70 3. Configuration Method Exchange and Payload.......................4
71 3.1. Transaction Exchanges.........................................4
72 3.1.1. Protected Exchanges.........................................4
73 3.1.2. Unprotected Exchanges.......................................5
74 3.2. Attribute Payload.............................................5
75 3.3. Configuration Message Types...................................6
76 3.4. Configuration Attributes......................................6
77 3.5. Retransmission................................................9
78 4. Exchange Positioning............................................9
79 5. Specific Uses...................................................9
80 5.1. Requesting an Internal Address................................9
81 5.2. Requesting the Peer’s Version................................10
82 6. Enterprise Management Considerations...........................11
83 7. Security Considerations........................................11
84 8. References.....................................................11
85 10. Author's Addresses............................................12
86 Full Copyright Statement..........................................13
118 Dukes, Pereira 2
119 \f
120 The ISAKMP Configuration Method September 2001
124 1. Introduction
126 The ISAKMP protocol provides a framework to negotiate and generate
127 Security Associations. While negotiating SAs, it is sometimes quite
128 useful to retrieve certain information from the other peer before
129 the non-ISAKMP SA can be established. Luckily, ISAKMP is also
130 flexible enough to provide configuration information and do it
131 securely. This document will present a mechanism to extend ISAKMP
132 to provide such functionality.
134 1.1. Changes since last revision.
136 The last revision of this document was published as "draft-dukes-
137 ike-mode-cfg-01.txt", and was originally named "draft-ietf-ipsec-
138 isakmp-mode-cfg"
140 o Fixed some typo's and cross-references.
142 1.2. Reader Prerequisites
144 It is assumed that the reader is familiar with the terms and
145 concepts described in the "Security Architecture for the Internet
146 Protocol" [ArchSec] and "IP Security Document Roadmap" [Thayer97]
147 documents.
149 Readers are advised to be familiar with both [IKE] and [ISAKMP]
150 because of the terminology used within this document and the fact
151 that this document is an extension of both of those documents.
154 2. Configuration Transaction
156 A "Configuration Transaction" is defined as one or more transaction
157 exchanges each consisting of two messages, the first being either a
158 Set or a Request and the second being either an Acknowledge or a
159 Reply, respectively. A common identifier is used to identify the
160 configuration transaction between exchanges.
162 There are two paradigms to follow for this method.
164 o "Request/Reply" allows a host to request information from an
165 informed hosts (a configuration manager). If the attributes in the
166 Request message are not empty, then these attributes are taken as
167 suggestions for that attribute. The Reply message MAY wish to
168 choose those values, or return new values. It MAY also add new
169 attributes and not include some requested attributes.
171 A Reply MUST always be sent when a Request is received, even if it
172 is an empty Reply or if there are missing attributes in the Request.
173 This merely means that the requested attributes were not available
174 or unknown.
177 Dukes, Pereira 3
178 \f
179 The ISAKMP Configuration Method September 2001
182 Initiator Responder
183 --------------- --------------
184 REQUEST -->
185 <-- REPLY
187 o "Set/Acknowledge" works on the push principle that allows a
188 configuration manager (a host that wishes to send information to
189 another host) to start the configuration transaction. This code
190 sends attributes that it wants the peer to alter. The Acknowledge
191 code MUST return the zero length attributes that it accepted. Those
192 attributes that it did not accept will NOT be sent back in the
193 acknowledgement.
195 Initiator Responder
196 --------------- -------------------
197 SET -->
198 <-- ACKNOWLEDGE
200 Transaction exchanges are completed once the Reply or Acknowledge
201 code is received. If one is not received, the implementation MAY
202 wish to retransmit the original message as detailed in a later
203 section.
205 The initiator and responder are not necessarily the same as the
206 initiator and responder of the ISAKMP exchange.
209 3. Configuration Method Exchange and Payload
211 3.1. Transaction Exchanges
213 A new exchange mode is required for the configuration method. This
214 exchange is called the "Transaction Exchange" and has a value of 6.
215 This exchange is quite similar to the Information exchange described
216 in [ISAKMP] and [IKE], but allows for multi-exchange transactions
217 instead of being a one-way transmittal of information.
219 This specification protects ISAKMP Transaction Exchanges when
220 possible.
223 3.1.1. Protected Exchanges
225 Once an ISAKMP security association has been established (and
226 SKEYID_e and SKEYID_a have been generated), the ISAKMP Transaction
227 Exchange is as follows:
229 Initiator Responder
230 ----------- -----------
231 HDR*, HASH, ATTR -->
232 <-- HDR*, HASH, ATTR
236 Dukes, Pereira 4
237 \f
238 The ISAKMP Configuration Method September 2001
241 Where the HASH payload contains the prf output, using SKEYID_a as
242 the key, and the M-ID (ISAKMP header Message ID) unique to this
243 exchange concatenated with all of the payloads after the HASH
244 payload. In other words, the hash for the above exchange is:
246 HASH = prf( SKEYID_a, M-ID | ATTR )
248 Multiple ATTR payloads MAY NOT be present in the Transaction
249 Exchange.
251 As noted, the message ID in the ISAKMP header-- as used in the prf
252 computation-- is unique to this transaction exchange and MUST NOT be
253 the same as the message ID of another transaction exchange. The
254 derivation of the initialization vector (IV) for the first message,
255 used with SKEYID_e to encrypt the message, is described in Appendix
256 B of [IKE]. Subsequent IVs are taken from the last ciphertext block
257 of the previous message as described in [IKE].
260 3.1.2. Unprotected Exchanges
262 If the ISAKMP security association has not yet been established at
263 the time of the Transaction Exchange and the information being
264 exchanged is not sensitive, the exchange MAY be done in the clear
265 without an accompanying HASH payload.
267 Initiator Responder
268 ----------- -----------
269 HDR, ATTR -->
270 <-- HDR, ATTR
272 Multiple ATTR payloads MAY NOT be present in the Transaction
273 Exchange.
276 3.2. Attribute Payload
278 A new payload is defined to carry attributes as well as the type of
279 transaction message.
281 1 2 3
282 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
283 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
284 ! Next Payload ! RESERVED ! Payload Length !
285 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
286 ! Type ! RESERVED ! Identifier !
287 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
288 ! !
289 ~ Attributes ~
290 ! !
291 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
293 The Attributes Payload fields are defined as follows:
295 Dukes, Pereira 5
296 \f
297 The ISAKMP Configuration Method September 2001
301 o Next Payload (1 octet) - Identifier for the payload type of the
302 next payload in the message. If the current payload is the last in
303 the message, then this field will be 0.
305 o RESERVED (1 octet) - Unused, set to 0.
307 o Payload Length (2 octets) - Length in octets of the current
308 payload, including the generic payload header, the transaction-
309 specific header and all attributes. If the length does not match
310 the length of the payload headers plus the attributes, (i.e. an
311 attribute is half contained within this payload) then entire payload
312 MUST be discarded.
314 o Attribute Message Type (1 octet) - Specifies the type of message
315 represented by the attributes. These are defined in the next
316 section.
318 o RESERVED (1 octet) - Unused, set to 0.
320 o Identifier (2 octets) - An identifier used to reference a
321 configuration transaction within the individual messages.
323 o Attributes (variable length) - Zero or more ISAKMP Data Attributes
324 as defined in [ISAKMP]. The attribute types are defined in a later
325 section.
327 The payload type for the Attributes Payload is 14.
330 3.3. Configuration Message Types
332 These values are to be used within the Type field of an Attribute
333 ISAKMP payload.
335 Types Value
336 ========================== ===========
337 RESERVED 0
338 ISAKMP_CFG_REQUEST 1
339 ISAKMP_CFG_REPLY 2
340 ISAKMP_CFG_SET 3
341 ISAKMP_CFG_ACK 4
342 Reserved for Future Use 5-127
343 Reserved for Private Use 128-255
345 Messages with unknown types SHOULD be silently discarded.
348 3.4. Configuration Attributes
350 Zero or more ISAKMP attributes [ISAKMP] are contained within an
351 Attributes Payload. Zero length attribute values are usually sent in
352 a Request and MUST NOT be sent in a Response.
354 Dukes, Pereira 6
355 \f
356 The ISAKMP Configuration Method September 2001
360 All IPv6 specific attributes are mandatory only if the
361 implementation supports IPv6 and vice versa for IPv4. Mandatory
362 attributes are stated below.
364 Unknown private attributes SHOULD be silently discarded.
366 The following attributes are currently defined:
368 Attribute Value Type Length
369 ========================= ======= ========== =====================
370 RESERVED 0
371 INTERNAL_IP4_ADDRESS 1 Variable 0 or 4 octets
372 INTERNAL_IP4_NETMASK 2 Variable 0 or 4 octets
373 INTERNAL_IP4_DNS 3 Variable 0 or 4 octets
374 INTERNAL_IP4_NBNS 4 Variable 0 or 4 octets
375 INTERNAL_ADDRESS_EXPIRY 5 Variable 0 or 4 octets
376 INTERNAL_IP4_DHCP 6 Variable 0 or 4 octets
377 APPLICATION_VERSION 7 Variable 0 or more
378 INTERNAL_IP6_ADDRESS 8 Variable 0 or 16 octets
379 INTERNAL_IP6_NETMASK 9 Variable 0 or 16 octets
380 INTERNAL_IP6_DNS 10 Variable 0 or 16 octets
381 INTERNAL_IP6_NBNS 11 Variable 0 or 16 octets
382 INTERNAL_IP6_DHCP 12 Variable 0 or 16 octets
383 INTERNAL_IP4_SUBNET 13 Variable 0 or 8 octets
384 SUPPORTED_ATTRIBUTES 14 Variable 0 or multiples of 2
385 INTERNAL_IP6_SUBNET 15 Variable 0 or 17 octets
386 Reserved for future use 16-16383
387 Reserved for private use 16384-32767
389 o INTERNAL_IP4_ADDRESS, INTERNAL_IP6_ADDRESS - Specifies an address
390 within the internal network. This address is sometimes called a red
391 node address or a private address and MAY be a private address on
392 the Internet. Multiple internal addresses MAY be requested by
393 requesting multiple internal address attributes. The responder MAY
394 only send up to the number of addresses requested.
396 The requested address is valid until the expiry time defined with
397 the INTERNAL_ADDRESS EXPIRY attribute or until the ISAKMP SA that
398 was used to secure the request expires. The address MAY also expire
399 when the IPSec (phase 2) SA expires, if the request is associated
400 with a phase 2 negotiation. If no ISAKMP SA was used to secure the
401 request, then the response MUST include an
402 expiry or the host MUST expire the SA after an implementation-
403 defined time.
405 An implementation MUST support this attribute.
407 o INTERNAL_IP4_NETMASK, INTERNAL_IP6_NETMASK - The internal
408 network's netmask. Only one netmask is allowed in the request and
409 reply messages (e.g. 255.255.255.0) and it MUST be used only with an
410 INTERNAL_ADDRESS attribute.
413 Dukes, Pereira 7
414 \f
415 The ISAKMP Configuration Method September 2001
418 An implementation MUST support this attribute.
420 o INTERNAL_IP4_DNS, INTERNAL_IP6_DNS - Specifies an address of a DNS
421 server within the network. Multiple DNS servers MAY be requested.
422 The responder MAY respond with zero or more DNS server attributes.
424 o INTERNAL_IP4_NBNS, INTERNAL_IP6_NBNS - Specifies an address of a
425 NetBios Name Server (WINS) within the network. Multiple NBNS
426 servers MAY be requested. The responder MAY respond with zero or
427 more NBNS server attributes.
429 o INTERNAL_ADDRESS_EXPIRY - Specifies the number of seconds that the
430 host can use the internal IP address. The host MUST renew the IP
431 address before this expiry time. Only one attribute MAY be present
432 in the reply.
434 An implementation MUST support this attribute.
436 o INTERNAL_IP4_DHCP, INTERNAL_IP6_DHCP - Instructs the host to send
437 any internal DHCP requests to the address contained within the
438 attribute. Multiple DHCP servers MAY be requested. The responder
439 MAY respond with zero or more DHCP server attributes.
441 o APPLICATION_VERSION - The version or application information of
442 the IPSec host. This is a string of printable ASCII characters that
443 is NOT null terminated.
445 This attribute does not need to be secured.
447 An implementation MUST support this attribute.
449 o INTERNAL_IP4_SUBNET - The protected sub-networks that this edge-
450 device protects. This attribute is made up of two fields; the first
451 being an IP address and the second being a netmask. Multiple sub-
452 networks MAY be requested. The responder MAY respond with zero or
453 more sub-network attributes.
455 An implementation MUST support this attribute.
457 o SUPPORTED_ATTRIBUTES - When used within a Request, this attribute
458 must be zero length and specifies a query to the responder to reply
459 back with all of the attributes that it supports. The response
460 contains an attribute that contains a set of attribute identifiers
461 each in 2 octets. The length divided by 2 (bytes) would state the
462 number of supported attributes contained in the response.
464 An implementation MUST support this attribute.
466 o INTERNAL_IP6_SUBNET - The protected sub-networks that this edge-
467 device protects. This attribute is made up of two fields; the first
468 being a 16 octet IPv6 address the second being a one octet prefix-
469 mask as defined in [ADDRIPV6]. Multiple sub-networks MAY be
472 Dukes, Pereira 8
473 \f
474 The ISAKMP Configuration Method September 2001
477 requested. The responder MAY respond with zero or more sub-network
478 attributes.
480 An implementation MUST support this attribute.
482 Note that no recommendations are made in this document how an
483 implementation actually figures out what information to send in a
484 reply. i.e. we do not recommend any specific method of (an edge
485 device) determining which DNS server should be returned to a
486 requesting host.
489 3.5. Retransmission
491 Retransmission SHOULD follow the same retransmission rules used with
492 standard ISAKMP messages.
495 4. Exchange Positioning
497 The exchange and messages defined within this document MAY appear at
498 any time. Because of security considerations with most attributes,
499 the exchange SHOULD be secured with an ISAKMP phase 1 SA.
501 Depending on the type of transaction and the information being
502 exchanged, the exchange MAY be dependant on an ISAKMP phase 1 SA
503 negotiation, a phase 2 SA negotiation, or none of the above.
505 The next section details specific functions and their position
506 within an ISAKMP negotiation.
509 5. Specific Uses
511 The following descriptions detail how to perform specific functions
512 using this protocol. Other functions are possible and thus this
513 list is not a complete list of all of the possibilities. While
514 other functions are possible, the functions listed below MUST be
515 performed as detailed in this document to preserve interoperability
516 among different vendor's implementations.
519 5.1. Requesting an Internal Address
521 This function provides address allocation to a remote host trying to
522 tunnel into a network protected by an edge device. The remote host
523 requests an address and optionally other information concerning the
524 internal network from the edge device. The edge device procures an
525 internal address for the remote host from any number of sources such
526 as a DHCP/BOOTP server or its own address pool.
528 Initiator Responder
529 ----------------------------- -------------------------------
531 Dukes, Pereira 9
532 \f
533 The ISAKMP Configuration Method September 2001
536 HDR*, HASH, ATTR1(REQUEST) -->
537 <-- HDR*, HASH, ATTR2(REPLY)
538 ATTR1(REQUEST) MUST contain at least an INTERNAL_ADDRESS attribute
539 (either IPv4 or IPv6) but MAY also contain any number of additional
540 attributes that it wants returned in the response.
542 For example:
543 ATTR1(REQUEST) =
544 INTERNAL_ADDRESS(0.0.0.0)
545 INTERNAL_NETMASK(0.0.0.0)
546 INTERNAL_DNS(0.0.0.0)
548 ATTR2(REPLY) =
549 INTERNAL_ADDRESS(192.168.219.202)
550 INTERNAL_NETMASK(255.255.255.0)
551 INTERNAL_SUBNET(291.168.219.0/255.255.255.0)
553 All returned values will be implementation dependent. As can be
554 seen in the above example, the edge device MAY also send other
555 attributes that were not included in the REQUEST and MAY ignore the
556 non-mandatory attributes that it does not support.
558 This Transaction Exchange MUST occur after an ISAKMP phase 1 SA is
559 already established and before an ISAKMP phase 2 negotiation has
560 started, since that negotiation requires the internal address.
562 Initial Negotiation:
563 MainMode or AggressiveMode
564 TransactionMode (IP Address request)
565 QuickMode(s)
567 Subsequent address requests would be done without the phase 1
568 negotiation when there already exists a phase 1 SA.
570 Subsequent Negotiations:
571 TransactionMode (IP Address request)
572 QuickMode(s)
574 5.2. Requesting the Peer's Version
576 An IPSec host wishing to inquire about the other peer's version
577 information (with or without security) MUST use this method.
579 Initiator Responder
580 ----------------------------- --------------------------
581 HDR, ATTR1(REQUEST) -->
582 <-- HDR, ATTR2(REPLY)
584 ATTR1(REQUEST) =
585 APPLICATION_VERSION("")
587 ATTR2(REPLY) =
588 APPLICATION_VERSION("foobar v1.3beta, (c) Foo Bar Inc.")
590 Dukes, Pereira 10
591 \f
592 The ISAKMP Configuration Method September 2001
596 The return text string will be implementation dependent. This
597 transaction MAY be done at any time and with or without any other
598 ISAKMP exchange and because the version information MAY be deemed
599 not sensitive, security is optional.
602 6. Enterprise Management Considerations
604 The method defined in this document SHOULD NOT be used for wide
605 scale management. Its main intent is to provide a bootstrap
606 mechanism to exchange information within IPSec. While it MAY be
607 useful to use such a method of exchange information to some outlying
608 IPSec hosts or small networks, existing management protocols such as
609 DHCP [DHCP], RADIUS [RADIUS], SNMP or LDAP [LDAP] should be
610 considered for enterprise management as well as subsequent
611 information exchanges.
614 7. Security Considerations
616 This entire draft discusses a new ISAKMP configuration method to
617 allow IPSec-enabled entities to acquire and share configuration
618 information.
620 The draft mandates that this exchange should normally occur after
621 the Phase I Security Association has been set up and that the entire
622 exchange be protected by that Phase I SA. Thus the exchange is as
623 secure as any Phase II SA negotiation.
625 This exchange MAY be secured (encrypted and authenticated) by other
626 means as well, such as pre-configured ESP [ESP] or data-link
627 security.
630 8. References
633 [1] Bradner, S., "The Internet Standards Process -- Revision
634 3", BCP 9, RFC 2026, October 1996.
636 [2] Bradner, S., "Key words for use in RFCs to Indicate
637 Requirement Levels", BCP 14, RFC 2119, March 1997
639 [Thayer97] R. Thayer, N. Doraswamy, R. Glenn. "IP Security Document
640 Roadmap", RFC2411
642 [ArchSec] S. Kent, R. Atkinson, "Security Architecture for the
643 Internet Protocol", RFC2401
645 [ISAKMP] D. Maughan, M. Schertler, M. Schneider, J. Turner,
646 "Internet Security Association and Key Management
647 Protocol", RFC2408
649 Dukes, Pereira 11
650 \f
651 The ISAKMP Configuration Method September 2001
655 [IKE] D. Harkins, D. Carrel, "The Internet Key Exchange
656 (IKE)", RFC2409
658 [DHCP] R. Droms, "Dynamic Host Configuration Protocol",
659 RFC2131
661 [RADIUS] C. Rigney, A. Rubens, W. Simpson, S. Willens, "Remote
662 Authentication Dial In User Service (RADIUS)", RFC2138
664 [LDAP] M. Wahl, T. Howes, S. Kille., "Lightweight Directory
665 Access Protocol (v3)", RFC2251
667 [ESP] S. Kent, "IP Encapsulating Security Payload (ESP)",
668 RFC2406
670 [ADDRIPV6] Hinden, R., "IP Version 6 Addressing Architecture",
671 RFC 2373, July 1998.
674 9. Acknowledgments
676 The editors would like to thank Sanjay Anand, Baiju V. Patel,
677 Stephane Beaulieu, Tim Jenkins, Peter Ford, Bob Moskowitz and Shawn
678 Mamros.
681 10. Author's Addresses
683 Darren Dukes
684 Cisco Systems Co.
685 365 March Road
686 Kanata, ON, Canada
687 Phone: 1-613-271-3679
688 Email: ddukes@cisco.com
690 Roy Pereira
691 Cisco Systems, Inc.
692 170 Tasman Drive
693 San Jose, CA, USA
694 Phone: 1-408-526-6793
695 Email: royp@cisco.com
708 Dukes, Pereira 12
709 \f
710 The ISAKMP Configuration Method September 2001
714 Full Copyright Statement
716 "Copyright (C) The Internet Society (date). All Rights Reserved.
717 This document and translations of it may be copied and furnished to
718 others, and derivative works that comment on or otherwise explain it
719 or assist in its implementation may be prepared, copied, published
720 and distributed, in whole or in part, without restriction of any
721 kind, provided that the above copyright notice and this paragraph
722 are included on all such copies and derivative works. However, this
723 document itself may not be modified in any way, such as by removing
724 the copyright notice or references to the Internet Society or other
725 Internet organizations, except as needed for the purpose of
726 developing Internet standards in which case the procedures for
727 copyrights defined in the Internet Standards process must be
728 followed, or as required to translate it into
731 This Internet Draft expires September 2001
767 Dukes, Pereira 13
768 \f