Re: [dhcwg] [Add] 🔔 WG LC: RADIUS Extensions for Encrypted DNS [EXTENDED]

mohamed.boucadair@orange.com Mon, 21 November 2022 07:04 UTC

From: mohamed.boucadair@orange.com
To: Bernie Volz <bevolz@gmail.com>, "Joe Clarke (jclarke)" <jclarke=40cisco.com@dmarc.ietf.org>
CC: "opsawg@ietf.org" <opsawg@ietf.org>, "dhcwg@ietf.org" <dhcwg@ietf.org>, "add@ietf.org" <add@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/3H_1YIZ7c2x614qFenAN-ObJ23Q>

Hi Bernie,

Thanks for the comment.

I agree that reference may be confusing for some readers. I went with a less verbose text by simply replacing the OLD reference with “Section 8.3 of [This-Document]”. Please see https://tinyurl.com/opsawg-add-latest.

[This-Document] will be replaced by the RFC Editor with the RFC number to be assigned to this draft.

Cheers,
Med

From: Add <add-bounces@ietf.org> On Behalf Of Bernie Volz
Sent: Sunday, November 20, 2022 13:30
To: Joe Clarke (jclarke) <jclarke=40cisco.com@dmarc.ietf.org>
Cc: opsawg@ietf.org; dhcwg@ietf.org; add@ietf.org
Subject: Re: [Add] [dhcwg] 🔔 WG LC: RADIUS Extensions for Encrypted DNS [EXTENDED]

The changes related to 4014 are really minor, as they just change the text to use the IANA registry instead of the list in the original 4014. So I am not sure why this is really that significant.

My only concern is that the “new” text references section 8.3 of this new draft and so the replacement text is a bit “odd”? It is not referring to section 8.3 in 4014.


   NEW:
      To avoid dependencies between the address allocation and other
      state information between the RADIUS server and the DHCP server,
      the DHCP relay agent SHOULD include only the attributes in the
      IANA-maintained registry (Section 8.3) in an instance of the
      RADIUS Attributes suboption.

I wonder if using the following might be better instead of referencing section 8.3 from the new document? (In both “new” sections.)


   NEW:
      To avoid dependencies between the address allocation and other
      state information between the RADIUS server and the DHCP server,
      the DHCP relay agent SHOULD include only the attributes in the
      IANA-maintained sub-registry entitled "RADIUS Attributes Permitted
      in RADIUS Attributes Sub-option" in the "Dynamic Host Configuration
      Protocol (DHCP) and Bootstrap Protocol (BOOTP) Parameters" registry [BOOTP]
      IANA-maintained registry in an instance of the
      RADIUS Attributes suboption.

But perhaps this is not a concern others have?

- Bernie (from iPad)


On Nov 11, 2022, at 3:13 AM, Joe Clarke (jclarke) <jclarke=40cisco.com@dmarc.ietf.org> wrote:

I am closing this WG LC. While I am glad that this work received a number of reviews both in opsawg and from other WGs, I would have still liked to see more comments around the incorporation of the 4014 changes.

We will now look to find a shepherd for this doc.  Authors, if you know of someone that may want to act in that role, let us know.

Joe

From: Joe Clarke (jclarke) <jclarke=40cisco.com@dmarc.ietf.org>
Date: Wednesday, October 19, 2022 at 10:11
To: Joe Clarke (jclarke) <jclarke@cisco.com>, opsawg@ietf.org <opsawg@ietf.org>
Cc: dhcwg@ietf.org <dhcwg@ietf.org>, add@ietf.org <add@ietf.org>
Subject: Re: 🔔 WG LC: RADIUS Extensions for Encrypted DNS [EXTENDED]

After discussion with dhcwg, this document has taken on work from another document that updates RFC 4014.  I want to make sure that opsawg has had a chance to review the extended scope and text.

The WG LC is extended to end on November 3, 2022.  To those in the WG that have already commented, please review revision -05 or later and share your thoughts on list.

Joe

From: OPSAWG <opsawg-bounces@ietf.org> on behalf of Joe Clarke (jclarke) <jclarke=40cisco.com@dmarc.ietf.org>
Date: Wednesday, October 12, 2022 at 12:43
To: opsawg@ietf.org <opsawg@ietf.org>
Subject: [OPSAWG] 🔔 WG LC: RADIUS Extensions for Encrypted DNS

Hello, WG.  While this work was recently adopted, there was a considerable amount of discussion and work put in to address issues and stabilize the spec.  The authors feel it has reached a steady state and is ready for WG LC.  Based on my read of the discussion threads, it does appear the major issues have been addressed.

Therefore, this serves as the start of a two week WG LC for https://datatracker.ietf.org/doc/draft-ietf-opsawg-add-encrypted-dns/. Please provide your comments and/or support for the current spec on-list prior to October 27.

Thanks.

Joe