[radext] "Insecure Practices" : accounting?

Bernard Aboba <bernard.aboba@gmail.com> Fri, 10 November 2023 13:22 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/1lnJmKXgqS6h3SYfudUDqYe3J40>

The "Insecure Practices" draft is good Halloween reading.  Quite
horrifying. Boo!

But... there may be more!  The document doesn't talk much about insecure
accounting.

RFC 2975 describes why RADIUS over UDP shouldn't be used in situations
where packet loss (or packet modification) translates to financial losses:
RFC 2975 - Introduction to Accounting Management (ietf.org)
<https://datatracker.ietf.org/doc/rfc2975/>

This potentially extends the vulnerabilities described in "Insecure
Practices" to financial irregularities.

One way to fix this is to use a reliable transport and cryptographic
integrity protection (e.g. RADIUS Accounting over TLS) to prevent loss or
modification of accounting data.
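Added example, not part of the post above or of any RADIUS implementation: the only integrity check that RADIUS accounting over UDP gives a server is the RFC 2866 Request Authenticator, an MD5 over the datagram and the shared secret. The code builds a constructed Stop record, verifies it the way a server would, and shows that an octet count altered in flight fails that check; what no per-packet check can recover is a Stop record that was simply lost, which is the case the reliable transport recommended above addresses. The user name, session id and shared secret are constructed values.

```python
import hashlib
import hmac
import struct

# RFC 2866 Accounting-Request: Code(1) Identifier(1) Length(2) Authenticator(16) Attributes
ACCOUNTING_REQUEST = 4
USER_NAME, ACCT_STATUS_TYPE, ACCT_INPUT_OCTETS, ACCT_SESSION_ID = 1, 40, 42, 44
ACCT_STATUS_STOP = 2


def attr(atype, value):
    """Encode one attribute: Type(1) Length(1, header included) Value."""
    return bytes([atype, len(value) + 2]) + value


def int_attr(atype, value):
    return attr(atype, struct.pack("!I", value))


def build_acct_request(identifier, secret, attributes):
    """Request Authenticator = MD5(Code + Id + Length + 16 zero octets + Attributes + Secret)."""
    attrs = b"".join(attributes)
    header = struct.pack("!BBH", ACCOUNTING_REQUEST, identifier, 20 + len(attrs))
    authenticator = hashlib.md5(header + bytes(16) + attrs + secret).digest()
    return header + authenticator + attrs


def verify_acct_request(packet, secret):
    """Server-side check: recompute the authenticator over the received bytes.
    A changed attribute or a wrong shared secret gives a mismatch."""
    if len(packet) < 20:
        return False
    code, _ident, length = struct.unpack("!BBH", packet[:4])
    if code != ACCOUNTING_REQUEST or length != len(packet):
        return False
    expected = hashlib.md5(packet[:4] + bytes(16) + packet[20:] + secret).digest()
    return hmac.compare_digest(packet[4:20], expected)


def parse_attrs(packet):
    """Return (type, value) pairs; rejects attributes that overrun the packet."""
    out, pos = [], 20
    while pos + 2 <= len(packet):
        atype, alen = packet[pos], packet[pos + 1]
        if alen < 2 or pos + alen > len(packet):
            raise ValueError("malformed attribute at offset %d" % pos)
        out.append((atype, packet[pos + 2:pos + alen]))
        pos += alen
    return out


def replace_int_attr(packet, atype, new_value):
    """Constructed test input: the same datagram with one integer attribute
    changed and the authenticator left untouched, i.e. what the server sees
    after an in-flight modification. It must fail verify_acct_request."""
    pos = 20
    while pos + 2 <= len(packet):
        if packet[pos] == atype:
            return packet[:pos + 2] + struct.pack("!I", new_value) + packet[pos + 6:]
        pos += packet[pos + 1]
    raise KeyError(atype)


# Constructed sample: one Stop record for a session that received 123456 octets.
SECRET = b"constructed-shared-secret"
STOP_RECORD = build_acct_request(7, SECRET, [
    attr(USER_NAME, b"alice@example.net"),
    int_attr(ACCT_STATUS_TYPE, ACCT_STATUS_STOP),
    attr(ACCT_SESSION_ID, b"constructed-session-0001"),
    int_attr(ACCT_INPUT_OCTETS, 123456),
])
```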