Thoughts on Bootstrapping Mobility Securely
Chairs, with help from James Kempf, Jari Arkko
MIP6 WG/BOF, 57th IETF, Vienna
Wed. July 16, 2003

What are we Bootstrapping?
• Not just a HA nor just a MN
• It takes two to tango
• Bootstrapping a security association between two devices, such that one is enabled as an MN and the other as its HA
• Bootstrapping a Mobility Security Association (MSA)

Why Bootstrapping Mobility Securely?
• Reduces RTT on HA/MN tunnels (optimal HA for distant locations)
• Hides MN topological location (though this precludes route optimization)
• Reduced configuration required (on either the MN or the HA)
• MN resilience to network renumbering
• Enables network to assign MNs to HA administratively
• Allows for HA load balancing by assigning MN according to load
• Authorizes a device to become an MN (security-wise)

Possible scenarios (1/2)
• No previous credential: Not a MIP6 issue?
• Leap-of-faith:
  • Too risky (the whole RO was predicated on some genuine trust or accountability between MN & HA)
• Enrollment
  • out-of-band model (separate path for confirmation via email, human exchange)
  • Transitive Trusted Introduction (visa/mcard, merchant, consumer) – reusable models?

Possible scenarios (2/2)
• Rolling over a Non-Mobile Security Association (e.g., Enterprise PKI, AAA infrastructure etc.)
  • Probably work on this
• Rolling over an existing MSA:
  • Existing HA with a new MN (RFC3041 private address scenario)
  • Existing MN to acquire a new HA (Dynamic HA scenario)
  • Yes, work on this

Existing MSA Certificate
• Possible meanings of bootstrap:
  • Complete the MN's Cert with info on HA
  • Change its HA info from HA_orig to HA_new (temp, permanent)
  • Complete the HA's Cert with info on MN
  • Change its MN info from MN_orig to MN_new (temp, permanent)

MIPv6 Dynamic MSA Outline
• Mobile Node comes up in a foreign domain, renumbering, creates an RFC3041, etc
• Performs authentication and is authorized to enter network as a roamer.
• Authentication via EAPoL2
• PANA
• EAP over IKEv2
• Results in authentication and configuration info perhaps via a credential provisioning process

Further thoughts on Dynamic MSAs
• Secure location of dynamic HA?
  • Protocol in Section 11.4.1 of base draft is not secure.
  • IKE required w. anycast address – is this possible?
  • Issues w. IPsec on ICMP messages.
  • Encourage trend toward standardized, securable configuration/service discovery mechanisms.
• Establish an SA for draft-ietf-mobileip-mipv6-ha-ipsec-06.txt but…
  • Is the MN authorized for HA service?
  • Binding between IKE and AAA.
  • Not standardized in IKEv1.
  • Use IKEv2 EAP over IKE (Section 2.16).
  • IDi instead of IKE AUTH in Message 2 from MN to HA.
  • HA responds with EAP to initiate the EAP exchange.
  • Shared key may be established as part of exchange (e.g. preshared secret).
• How to securely assign MN a HoA?
  • IKEv2 CFG_REQUEST (Section 2.19)?
  • DHCP in IKE (draft-ietf-ipsec-dhcp-over-ike-00.txt)?

Credential Provisioning
• What to create: Mobile IP variant of draft-ietf-ipsec-pki profile: "Certificate Extensions and Attributes for Mobile IP" ??
• How to create them? Variant of:
  • draft-ietf-ipsra-pic* (over IKE) (which is a variant of draft-bellovin-ipsra-getcert-*)
  • EAP to an auth server, which provisions credentials to the MN which can be used later
• MN and private addresses:
  • concept of a session
  • during the session, an MN-issued rfc3281 Attrib Cert (ideally a real authorization cert via SPKI) enables the rfc3041 address
  • communication outside of scope?