Re: [OPSAWG] CALL FOR ADOPTION: RADIUS Extensions for Encrypted DNS
tirumal reddy <kondtir@gmail.com> Fri, 16 September 2022 11:51 UTC
Return-Path: <kondtir@gmail.com>
X-Original-To: opsawg@ietfa.amsl.com
Delivered-To: opsawg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B0652C1522D4 for <opsawg@ietfa.amsl.com>; Fri, 16 Sep 2022 04:51:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5puJHE3D4d0g for <opsawg@ietfa.amsl.com>; Fri, 16 Sep 2022 04:51:18 -0700 (PDT)
Received: from mail-lj1-x235.google.com (mail-lj1-x235.google.com [IPv6:2a00:1450:4864:20::235]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EA866C1522BB for <opsawg@ietf.org>; Fri, 16 Sep 2022 04:51:17 -0700 (PDT)
Received: by mail-lj1-x235.google.com with SMTP id j9so2770108ljg.2 for <opsawg@ietf.org>; Fri, 16 Sep 2022 04:51:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date; bh=ZR+yzfnMqDmVXYeVdFpQyBRp7+AN17zH3+6iE/RoAtY=; b=XHyU5/oPyKDxcPCBvRW/jxdXfsKapWciXMI3zKgfP8NJK+RAIFE9S4CdaCdGnnBoLd sGOt3bwXdhEdxo0xcXlPEz03xWKhbbDzB2xL4r4Ka3kEGHB59adNksJ2LA4h4FAcxGlY U4HdvhVut+wEY9r7L197OIQuTNALIVu0nm6wc4nMfB6Yq6FAjVPkqwlJFXOV0mjvGUV2 1Y0LZ1zk4Ff5PAwymO8jdTPwzTMOcYFrxPY4hN9FEh1xm5CZiMK4+asN8JRFnowFuEZN YOcnkhPZW7iyFzMfOiu5d2InQ/P2B3WJbdSfjUXcLZmv86gVFL3RHtKg9NW2Pbn5gG+9 djlA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date; bh=ZR+yzfnMqDmVXYeVdFpQyBRp7+AN17zH3+6iE/RoAtY=; b=2evbhAXdP7krpjRA5LO5VMyweSey1MnmUPCAmTmrakTn0u3bFTvs35JKwP6/xzLX8/ coLLvmuAZeAhl+3GNHmXtFZBWNfaPgddzXaaS/rvwKiEM1CmQ7XxvQ3T8UCgJdl6x0Fa Lbc7lfgwheVVwUrcCX4DwCF9nSIHcxX0DlKbABRruaabt7F8Qm7+kkQtoMB+M5upwvZv jNHd7wu+jW0ot8aFWUdugij6JPfCZ95wruOO2NNAjOh+UXXLNEHdgUut93PUJKW0hsLN X7Wm4YEJ4ReOvoudu6e3PH6pzdaszcaCIi2/wVb6YE1cWh2tH1x2XEIUX55b6/JWxSMn rlIw==
X-Gm-Message-State: ACrzQf2Z7tRzGrTWEUxZBhzYcU8piP51/ZArVUQuZ0OemAL+qZHn/mmn 4Imm6h7TF/eeAhYjyMUTjhE+7iT5wTEV0Xv0wvY=
X-Google-Smtp-Source: AMsMyM61iEO0vVvfq+cjvgVvU+e/v7F3Kyrc9C7if4vdsXJkoHPFqJ9sn2YK+b7LerVH0P8Euc2vbTlxzDjEiOcViPg=
X-Received: by 2002:a2e:3216:0:b0:26c:17db:68 with SMTP id y22-20020a2e3216000000b0026c17db0068mr1433212ljy.404.1663329076019; Fri, 16 Sep 2022 04:51:16 -0700 (PDT)
MIME-Version: 1.0
References: <BN9PR11MB5371B6F650B031E04AADF10BB8469@BN9PR11MB5371.namprd11.prod.outlook.com> <AM7PR07MB624825621786D8144A3AA772A0499@AM7PR07MB6248.eurprd07.prod.outlook.com> <BN9PR11MB5371B4D6E4CEE9AAB75EB093B8499@BN9PR11MB5371.namprd11.prod.outlook.com> <AM7PR07MB6248071A2837D09807FEBEFFA0489@AM7PR07MB6248.eurprd07.prod.outlook.com> <5350_1663327451_63245CDB_5350_212_6_7dd3232fc4a2445cbcaffa1072dfbf39@orange.com>
In-Reply-To: <5350_1663327451_63245CDB_5350_212_6_7dd3232fc4a2445cbcaffa1072dfbf39@orange.com>
From: tirumal reddy <kondtir@gmail.com>
Date: Fri, 16 Sep 2022 17:21:04 +0530
Message-ID: <CAFpG3geiNoRkGjrvygwiY5oy3k3eRWdz-XyE4V2Tp7U+GJ3_eA@mail.gmail.com>
To: mohamed.boucadair@orange.com
Cc: tom petch <ietfc@btconnect.com>, "Joe Clarke (jclarke)" <jclarke@cisco.com>, "opsawg@ietf.org" <opsawg@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000b888b605e8c9fa36"
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/yIJ1Pg0qMrFOYbcQroUCJAusueY>
Subject: Re: [OPSAWG] CALL FOR ADOPTION: RADIUS Extensions for Encrypted DNS
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsawg/>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Sep 2022 11:51:18 -0000
On Fri, 16 Sept 2022 at 16:54, <mohamed.boucadair@orange.com> wrote: > Tom, > > > <tp2> > > I was thinking that the IESG will complain at TLS being only 1.2, > > Don't think so. Please see: > https://datatracker.ietf.org/doc/bofreq-dekok-bofreq-dekok-radius-extensions-and-security-00/ > . Yes, TLS 1.2 can be continued to be used by existing protocols following the recommendations in https://datatracker.ietf.org/doc/html/draft-ietf-uta-rfc7525bis-11. The BCP allows implementations to use TLS 1.2 and encourages them to mitigate to TLS 1.3. -Tiru > > > Cheers, > Med > > > -----Message d'origine----- > > De : OPSAWG <opsawg-bounces@ietf.org> De la part de tom petch > > Envoyé : vendredi 16 septembre 2022 12:13 > > À : Joe Clarke (jclarke) <jclarke@cisco.com>; opsawg@ietf.org > > Objet : Re: [OPSAWG] CALL FOR ADOPTION: RADIUS Extensions for > > Encrypted DNS > > > > From: Joe Clarke (jclarke) <jclarke@cisco.com> > > Sent: 15 September 2022 20:57 > > > > <tp2> > > My ever helpful webmail just changed the layout, without warning, > > to make it much harder to use so while the content of my replies > > does not change, where they go may be somewhat random - currently > > I have 80 options but no send button > > > > <tp> > > > > RFC6614 is a Normative Reference. This is Experimental and is > > TLS1.2 only > > > > JMC> Good point. I don't think it needs to be normative for > > implementation of this work. > > > > <tp2> > > I was thinking that the IESG will complain at TLS being only 1.2, > > be it Informative or Normative. I think that the TLS WG have > > created a mire with TLS1.3 being so different that adoption will > > be very slow so the real world of Enterprise will see 1.2 as a > > MUST while the IESG sees 1.2 as NOT RECOMMENDED as we will be here > > for some time to come. (A bit like IPv4 and IPv6:-( > > > > Lots of mentions of TBAn with n from three to seven with 'see > > section 6.2' where there is no mention of them. > > > > JMC> I saw those, too and almost commented. I think Qin may have > > mentioned it. Instead of reusing the TBAs, the authors used > > Section numbers in the IANA considerations. Using them as well > > would add clarity. > > > > <tp2> > > > > But are TBA3 et al. meant to be assigned by IANA? If so , IANA > > should be told (good as IANA are as interpreting our sloppy work). > > > > Tom Petch > > > > Joe > > > > > > _______________________________________________ > > OPSAWG mailing list > > OPSAWG@ietf.org > > https://www.ietf.org/mailman/listinfo/opsawg > > > _________________________________________________________________________________________________________________________ > > Ce message et ses pieces jointes peuvent contenir des informations > confidentielles ou privilegiees et ne doivent donc > pas etre diffuses, exploites ou copies sans autorisation. Si vous avez > recu ce message par erreur, veuillez le signaler > a l'expediteur et le detruire ainsi que les pieces jointes. Les messages > electroniques etant susceptibles d'alteration, > Orange decline toute responsabilite si ce message a ete altere, deforme ou > falsifie. Merci. > > This message and its attachments may contain confidential or privileged > information that may be protected by law; > they should not be distributed, used or copied without authorisation. > If you have received this email in error, please notify the sender and > delete this message and its attachments. > As emails may be altered, Orange is not liable for messages that have been > modified, changed or falsified. > Thank you. > > _______________________________________________ > OPSAWG mailing list > OPSAWG@ietf.org > https://www.ietf.org/mailman/listinfo/opsawg >
- [OPSAWG] 🔔 CALL FOR ADOPTION: RADIUS Extensions f… Joe Clarke (jclarke)
- Re: [OPSAWG] 🔔 CALL FOR ADOPTION: RADIUS Extensio… Joe Clarke (jclarke)
- Re: [OPSAWG] 🔔 CALL FOR ADOPTION: RADIUS Extensio… Alan DeKok
- Re: [OPSAWG] 🔔 CALL FOR ADOPTION: RADIUS Extensio… mohamed.boucadair
- Re: [OPSAWG] 🔔 CALL FOR ADOPTION: RADIUS Extensio… Qin Wu
- Re: [OPSAWG] 🔔 CALL FOR ADOPTION: RADIUS Extensio… Alan DeKok
- Re: [OPSAWG] 🔔 CALL FOR ADOPTION: RADIUS Extensio… Qin Wu
- Re: [OPSAWG] 🔔 CALL FOR ADOPTION: RADIUS Extensio… Dirk.von-Hugo
- Re: [OPSAWG] CALL FOR ADOPTION: RADIUS Extensions… tom petch
- Re: [OPSAWG] 🔔 CALL FOR ADOPTION: RADIUS Extensio… Alan DeKok
- Re: [OPSAWG] CALL FOR ADOPTION: RADIUS Extensions… Joe Clarke (jclarke)
- Re: [OPSAWG] 🔔 CALL FOR ADOPTION: RADIUS Extensio… mohamed.boucadair
- Re: [OPSAWG] 🔔 CALL FOR ADOPTION: RADIUS Extensio… mohamed.boucadair
- Re: [OPSAWG] CALL FOR ADOPTION: RADIUS Extensions… mohamed.boucadair
- Re: [OPSAWG] 🔔 CALL FOR ADOPTION: RADIUS Extensio… christian.jacquenet
- Re: [OPSAWG] 🔔 CALL FOR ADOPTION: RADIUS Extensio… mohamed.boucadair
- Re: [OPSAWG] CALL FOR ADOPTION: RADIUS Extensions… tom petch
- Re: [OPSAWG] CALL FOR ADOPTION: RADIUS Extensions… mohamed.boucadair
- Re: [OPSAWG] CALL FOR ADOPTION: RADIUS Extensions… tirumal reddy
- Re: [OPSAWG] CALL FOR ADOPTION: RADIUS Extensions… tom petch
- Re: [OPSAWG] CALL FOR ADOPTION: RADIUS Extensions… mohamed.boucadair
- Re: [OPSAWG] 🔔 CALL FOR ADOPTION: RADIUS Extensio… Michael Richardson
- Re: [OPSAWG] CALL FOR ADOPTION: RADIUS Extensions… Chongfeng Xie
- Re: [OPSAWG] CALL FOR ADOPTION: RADIUS Extensions… mohamed.boucadair
- Re: [OPSAWG] 🔔 CALL FOR ADOPTION: RADIUS Extensio… Joe Clarke (jclarke)