Re: [dhcwg] 🔔 WG LC: RADIUS Extensions for Encrypted DNS [EXTENDED]

Bernie Volz <bevolz@gmail.com> Sun, 20 November 2022 12:30 UTC

From: Bernie Volz <bevolz@gmail.com>
Mime-Version: 1.0 (1.0)
Date: Sun, 20 Nov 2022 07:30:14 -0500
Message-Id: <BADAAF0E-7FC6-4D63-97C3-0A584458FD79@gmail.com>
References: <BN9PR11MB5371AE7F2D71056E955056ABB8009@BN9PR11MB5371.namprd11.prod.outlook.com>
Cc: opsawg@ietf.org, dhcwg@ietf.org, add@ietf.org
In-Reply-To: <BN9PR11MB5371AE7F2D71056E955056ABB8009@BN9PR11MB5371.namprd11.prod.outlook.com>
To: "Joe Clarke (jclarke)" <jclarke=40cisco.com@dmarc.ietf.org>
X-Mailer: iPad Mail (19G82)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/lhj2Xka77qf7b7PqzgGj_kXOR9Y>
Subject: Re: [dhcwg] 🔔 WG LC: RADIUS Extensions for Encrypted DNS [EXTENDED]

The changes related to 4014 are really minor, as they just change the text to use the IANA registry instead of the list in the original 4014. So not sure why this is really that significant.

My only concern is that the “new” text references section 8.3 of this new draft and so the replacement text is a bit “odd”? It is not referring to section 8.3 in 4014.

   NEW:
      To avoid dependencies between the address allocation and other
      state information between the RADIUS server and the DHCP server,
      the DHCP relay agent SHOULD include only the attributes in the
      IANA-maintained registry (Section 8.3) in an instance of the
      RADIUS Attributes suboption.

I wonder if using the following might be better instead of referencing section 8.3 from the new document? (In both “new” sections.)

   NEW:
      To avoid dependencies between the address allocation and other
      state information between the RADIUS server and the DHCP server,
      the DHCP relay agent SHOULD include only the attributes in the
      IANA-maintained sub-registry entitled "RADIUS Attributes Permitted
      in RADIUS Attributes Sub-option" in the "Dynamic Host Configuration
      Protocol (DHCP) and Bootstrap Protocol (BOOTP) Parameters" registry [BOOTP]
      IANA-maintained registry in an instance of the
      RADIUS Attributes suboption.

But perhaps this is not a concern others have?

- Bernie (from iPad)

> On Nov 11, 2022, at 3:13 AM, Joe Clarke (jclarke) <jclarke=40cisco.com@dmarc.ietf.org> wrote:
> 
> I am closing this WG LC. While I am glad that this work received a number of reviews both in opsawg and from other WGs, I would have still liked to see more comments around the incorporation of the 4014 changes.
>  
> We will now look to find a shepherd for this doc.  Authors, if you know of someone that may want to act in that role, let us know.
>  
> Joe
>  
> From: Joe Clarke (jclarke) <jclarke=40cisco.com@dmarc.ietf.org>
> Date: Wednesday, October 19, 2022 at 10:11
> To: Joe Clarke (jclarke) <jclarke@cisco.com>, opsawg@ietf.org <opsawg@ietf.org>
> Cc: dhcwg@ietf.org <dhcwg@ietf.org>, add@ietf.org <add@ietf.org>
> Subject: Re: 🔔 WG LC: RADIUS Extensions for Encrypted DNS [EXTENDED]
> 
> After discussion with dhcwg, this document has taken on work from another document that updates RFC 4014.  I want to make sure that opsawg has had a chance to review the extended scope and text.
>  
> The WG LC is extended to end on November 3, 2022.  To those in the WG that have already commented, please review revision -05 or later and share your thoughts on list.
>  
> Joe
>  
> From: OPSAWG <opsawg-bounces@ietf.org> on behalf of Joe Clarke (jclarke) <jclarke=40cisco.com@dmarc.ietf.org>
> Date: Wednesday, October 12, 2022 at 12:43
> To: opsawg@ietf.org <opsawg@ietf.org>
> Subject: [OPSAWG] 🔔 WG LC: RADIUS Extensions for Encrypted DNS
> 
> Hello, WG.  While this work was recently adopted, there was a considerable amount of discussion and work put in to address issues and stabilize the spec.  The authors feel it has reached a steady state and is ready for WG LC.  Based on my read of the discussion threads, it does appear the major issues have been addressed.
>  
> Therefore, this serves as the start of a two week WG LC for  https://datatracker.ietf.org/doc/draft-ietf-opsawg-add-encrypted-dns/.  Please provide your comments and/or support for the current spec on-list prior to October 27.
>  
> Thanks.
>  
> Joe