Re: [AAA-DOCTORS] [Errata Rejected] RFC2548 (4369)
Benoit Claise <bclaise@cisco.com> Mon, 14 September 2015 13:13 UTC
Return-Path: <bclaise@cisco.com>
X-Original-To: aaa-doctors@ietfa.amsl.com
Delivered-To: aaa-doctors@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 81A391B3370 for <aaa-doctors@ietfa.amsl.com>; Mon, 14 Sep 2015 06:13:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.511
X-Spam-Level:
X-Spam-Status: No, score=-14.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U3xJGjg6Tys8 for <aaa-doctors@ietfa.amsl.com>; Mon, 14 Sep 2015 06:13:22 -0700 (PDT)
Received: from aer-iport-4.cisco.com (aer-iport-4.cisco.com [173.38.203.54]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 716671B3263 for <aaa-doctors@ietf.org>; Mon, 14 Sep 2015 06:13:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3713; q=dns/txt; s=iport; t=1442236402; x=1443446002; h=subject:to:references:cc:from:message-id:date: mime-version:in-reply-to:content-transfer-encoding; bh=aLbU/5em2PvLgNenL7+RE1Hz/R6ZIDUeJNa7rze0Eao=; b=M3t/CrnodwoUY5Gzv/VkYsT1fCdocJWNAuSDhkRsyVnSyUVgyUpc/aIm IM36aIUsCL7BgQm9ovmZhhFuY2Bg4hI980OzAUtcJVILWx3ZqfVYAaEL+ opX3/CZwg6R4HR2U/NULwio/aYAbp9w/YNIp2dJOKqHImoogYHsXye1fw M=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CdBACHxvZV/xbLJq1DGoN3ab9EhXkCggEBAQEBAQGBC4QkAQEEOEABEAsYCQ8HBQoJAwIBAgFFBg0GAgEBiCoNO7prjlABAQEBAQEBAQEBAQEBAQEBAQEBGYZzhH2BPYMFSwcZhBMBBIV7gTcGhm6HMYx+gUyHMYEGjFk2g2xjghEND4FWPDMBE4ppAQEB
X-IronPort-AV: E=Sophos;i="5.17,528,1437436800"; d="scan'208";a="606995199"
Received: from aer-iport-nat.cisco.com (HELO aer-core-1.cisco.com) ([173.38.203.22]) by aer-iport-4.cisco.com with ESMTP; 14 Sep 2015 13:13:20 +0000
Received: from [10.60.67.87] (ams-bclaise-8916.cisco.com [10.60.67.87]) by aer-core-1.cisco.com (8.14.5/8.14.5) with ESMTP id t8EDDK1Y002529; Mon, 14 Sep 2015 13:13:20 GMT
To: Alan DeKok <aland@freeradius.org>
References: <20150914103150.25791180472@rfc-editor.org> <5023772F-2B40-40F2-9606-1E0C1BEE12FA@freeradius.org>
From: Benoit Claise <bclaise@cisco.com>
Message-ID: <55F6C7EF.8050506@cisco.com>
Date: Mon, 14 Sep 2015 15:13:19 +0200
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0
MIME-Version: 1.0
In-Reply-To: <5023772F-2B40-40F2-9606-1E0C1BEE12FA@freeradius.org>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/aaa-doctors/tZjP9JYg49KH4OpuJfRaQkeZXyg>
Cc: "aaa-doctors@ietf.org" <aaa-doctors@ietf.org>
Subject: Re: [AAA-DOCTORS] [Errata Rejected] RFC2548 (4369)
X-BeenThere: aaa-doctors@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: AAA Doctors E-mail List <aaa-doctors.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/aaa-doctors>, <mailto:aaa-doctors-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/aaa-doctors/>
List-Post: <mailto:aaa-doctors@ietf.org>
List-Help: <mailto:aaa-doctors-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/aaa-doctors>, <mailto:aaa-doctors-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Sep 2015 13:13:24 -0000
Alan, Let's solve that on the AAA-doctors. Kathleen and I are waiting for the outcome of your discussion. Regards, Benoit > While the comment about 24 octets vs 32 is correct and appreciated, there are still open issues. > > User-Password is not supposed to contain embedded zeros. It is padded out to a multiple of 16 octets in length. BUT there is no explicit "length" field in the attribute, unlike Tunnel-Password. > > Therefore, implementations determine the length by going to the end of the decrypted buffer, and looking for the first non-zero character. > > That method does not work for MS-CHAP-MPPE-Keys. That attribute is binary, and is explicitly allowed to contain embedded zeros. Therefore the above method for determining length doesn't work. There is a 1/256 chance that the last octet of the NT key is, in fact, zero. > > The technical errata points out that the length of the decoded attribute MUST be manually set to 24. The "normal" method of looking for a non-zero octet doesn't work. > > On Sep 14, 2015, at 6:31 AM, RFC Errata System <rfc-editor@rfc-editor.org> wrote: > >> The following errata report has been rejected for RFC2548, >> "Microsoft Vendor-specific RADIUS Attributes". >> >> -------------------------------------- >> You may review the report below and at: >> http://www.rfc-editor.org/errata_search.php?rfc=2548&eid=4369 >> >> -------------------------------------- >> Status: Rejected >> Type: Technical >> >> Reported by: Alan DeKok <aland@freeradius.org> >> Date Reported: 2015-05-19 >> Rejected by: Benoit Claise (IESG) >> >> Section: 2.4.1 >> >> Original Text >> ------------- >> The Keys field MUST be encrypted by the RADIUS server using the >> same method defined for the User-Password Attribute [3]. Padding >> is required because the method referenced above requires the field >> to be encrypted to be a multiple of sixteen octets in length. >> >> Corrected Text >> -------------- >> The Keys field MUST be encrypted by the RADIUS server using the >> same method defined for the User-Password Attribute [3]. Padding >> is required because the method referenced above requires the field >> to be encrypted to be a multiple of sixteen octets in length. >> >> We note that the encryption method for the User-Password attribute >> does not contain a field describing the length of the decrypted data. >> Despite this, the User-Password attribute contains data which is >> variable length. The length of that data is commonly determined by >> looking for either the end of the data, or the first zero octet in the >> data, whichever comes first. >> >> That practice cannot be used here, as the Keys field can contain >> embedded zero octets. This means that the length of the decrypted >> data MUST be set explicitly to 32 octets for this attribute. >> >> Notes >> ----- >> re: MS-CHAP-MPPE-Keys "obfuscation" >> --VERIFIER NOTES-- >> Section 2.4.1 describes 32 octets of content, which *include* padding. >> >> The decrypted data is thus less than 32 octets. The ASCII art in that sections shows 64 bit of padding in the end, meaning it's only 24 octets of decrypted keys. >> >> -------------------------------------- >> RFC2548 (draft-ietf-radius-ms-vsa-01) >> -------------------------------------- >> Title : Microsoft Vendor-specific RADIUS Attributes >> Publication Date : March 1999 >> Author(s) : G. Zorn >> Category : INFORMATIONAL >> Source : Remote Authentication Dial-In User Service >> Area : Operations and Management >> Stream : IETF >> Verifying Party : IESG >>
- Re: [AAA-DOCTORS] [Errata Rejected] RFC2548 (4369) Benoit Claise