[Babel-users] key rotation take #2

Dave Taht dave at taht.net
Wed Nov 28 10:06:22 GMT 2018


OK, nobody liked timestamps and the dnssec analogy, nor standardizing on
an easily distributable out of band key format.

I can live with that.

However, what I would like to be doing is testing the key signing, and
rollover methods, and measuring the overhead of HMAC-ing twice, as well
as the effects (and bugs) on unicast and multicast transmissions and the
rollover process itself, and interoperability between bird and babel.

So here's a simpler alternate suggestion for configuring the thing.
It is not intended as an IETF standard but as a means to deploy tests of
key rollovers.

This is the present babel conf file format:

key id key1 type sha1 value deadbeefdeadbeefdeadbeefdeadbeefdeadbeef
key id key2 type sha1 value dea2f0d01a57b0071057a11da7adeadbeeffffff
default enable-timestamps true unicast true hmac key1
interface enp7s0 unicast false hmac key1
interface wlps3 type wireless
interface enp4s0
interface wg1 hmac key2

So we invent a new keyword "serial".

A key rollover is initiated by adding a new key with the same name and a
larger serial number than the old one.

A key id line with no serial keyword has an implied serial number of 0.

A new line gets added (via conf or configuration interface) that looks
like this:

key id key2 type blake2s serial 1 value dea2f0d01a57b0071057a11da7adeadbeefffff0

*the protocol* retires the old key as soon as possible.

The admin removes the old key when convenient and safe to do so.

Does that work for everybody?



PS it would be mildly more compact to use
base64 to encode the key.

/me hides
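As an added illustration of the proposal above (example code written for this page, not babeld or bird code), the following parses the proposed conf lines, treats a missing "serial" as 0, picks the highest serial per key id as the current key, and walks through one rollover. The sender-side behaviour (one MAC per configured key of that id, so two during a rollover, which is the "HMAC-ing twice" cost) and the receiver-side behaviour (once a neighbour has been verified under a higher serial, lower serials from that neighbour are no longer accepted) are one possible reading of "the protocol retires the old key as soon as possible", not something the mail specifies. Using HMAC for sha1 and BLAKE2s's native keyed mode for blake2s is also an assumption; the names `parse_keys`, `sign`, `Verifier` and the packet bytes are constructed for the example.

```python
"""Key rollover by serial number for the proposed babeld conf syntax (illustrative)."""
from __future__ import annotations

import hashlib
import hmac
import shlex
from dataclasses import dataclass


@dataclass(frozen=True)
class Key:
    name: str      # the "id" field
    ktype: str     # "sha1" or "blake2s" here
    serial: int    # implied 0 when the line carries no "serial" keyword
    value: bytes   # hex-decoded key material


def parse_keys(conf: str) -> dict[str, list[Key]]:
    """Return the "key" lines grouped by id, each group sorted by ascending serial."""
    keys: dict[str, list[Key]] = {}
    for raw in conf.splitlines():
        toks = shlex.split(raw.split("#", 1)[0])
        if not toks or toks[0] != "key":
            continue  # interface/default lines are not relevant here
        fields = dict(zip(toks[1::2], toks[2::2]))
        key = Key(name=fields["id"], ktype=fields["type"],
                  serial=int(fields.get("serial", 0)),
                  value=bytes.fromhex(fields["value"]))
        keys.setdefault(key.name, []).append(key)
    for group in keys.values():
        group.sort(key=lambda k: k.serial)
    return keys


def current_key(keys: dict[str, list[Key]], name: str) -> Key:
    """The key with the largest serial is the one a rollover moves to."""
    return keys[name][-1]


def mac(key: Key, packet: bytes) -> bytes:
    # Assumption: HMAC for sha1, keyed BLAKE2s (16-byte tag) for blake2s.
    if key.ktype == "blake2s":
        return hashlib.blake2s(packet, key=key.value, digest_size=16).digest()
    return hmac.new(key.value, packet, key.ktype).digest()


def sign(keys: dict[str, list[Key]], name: str, packet: bytes) -> list[tuple[int, bytes]]:
    """Sender: one (serial, tag) per configured key of this id, newest first.
    While both the old and the new line exist, that is two MACs per packet."""
    return [(k.serial, mac(k, packet)) for k in reversed(keys[name])]


class Verifier:
    """Receiver: accepts any configured serial, but never a serial lower than
    the highest one already verified from that neighbour (assumed 'retire' rule)."""

    def __init__(self, keys: dict[str, list[Key]], name: str):
        self.by_serial = {k.serial: k for k in keys[name]}
        self.highest_seen: dict[str, int] = {}

    def verify(self, neighbour: str, packet: bytes, tags: list[tuple[int, bytes]]) -> bool:
        floor = self.highest_seen.get(neighbour, -1)
        for serial, tag in sorted(tags, reverse=True):  # try the newest serial first
            key = self.by_serial.get(serial)
            if key is None or serial < floor:
                continue
            if hmac.compare_digest(mac(key, packet), tag):
                self.highest_seen[neighbour] = serial
                return True
        return False


# Constructed conf fragments following the syntax proposed in the mail.
OLD_CONF = """\
key id key1 type sha1 value deadbeefdeadbeefdeadbeefdeadbeefdeadbeef
key id key2 type sha1 value dea2f0d01a57b0071057a11da7adeadbeeffffff
interface wg1 hmac key2
"""
ROLLOVER_LINE = "key id key2 type blake2s serial 1 value dea2f0d01a57b0071057a11da7adeadbeefffff0\n"
NEW_CONF = OLD_CONF + ROLLOVER_LINE
PRUNED_CONF = NEW_CONF.replace(OLD_CONF.splitlines()[1] + "\n", "")  # old key2 line removed


def rollover_walkthrough() -> dict[str, object]:
    packet = b"\x2a\x02\x00\x10constructed babel payload"  # constructed sample bytes
    old, new, pruned = parse_keys(OLD_CONF), parse_keys(NEW_CONF), parse_keys(PRUNED_CONF)
    out: dict[str, object] = {"macs_during_rollover": len(sign(new, "key2", packet))}
    # 1. A has the new line, B does not: B still verifies A under serial 0.
    b = Verifier(old, "key2")
    out["old_peer_accepts_rolled_sender"] = b.verify("A", packet, sign(new, "key2", packet))
    # 2. B gets the new line too: A now verifies under serial 1 and B remembers it.
    b = Verifier(new, "key2")
    out["new_peer_accepts_new_serial"] = b.verify("A", packet, sign(new, "key2", packet))
    out["serial_seen_from_A"] = b.highest_seen["A"]
    # 3. A packet carrying only the retired serial-0 key is refused from A.
    out["old_serial_rejected"] = b.verify("A", packet, sign(old, "key2", packet))
    # 4. Tampered payload fails regardless of key.
    out["tampered_rejected"] = b.verify("A", packet + b"!", sign(new, "key2", packet))
    # 5. Admin deletes the old line: back to a single MAC, still accepted.
    out["single_mac_after_cleanup"] = b.verify("A", packet, sign(pruned, "key2", packet))
    return out


if __name__ == "__main__":
    for name, value in rollover_walkthrough().items():
        print(f"{name}: {value}")
```

The point the walkthrough makes is that the two-MAC window is what lets a rolled-over node keep talking to a neighbour that has not rolled yet, and that the receiver-side floor is what stops a neighbour from being talked back down to the old key once the new serial has been seen; whether babeld or bird should keep that floor per neighbour or per interface is exactly the kind of thing the proposed tests would have to settle.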


