Re: [radext] I-D Action: draft-ietf-radext-tls-psk-03.txt
Alan DeKok <aland@deployingradius.com> Mon, 18 September 2023 13:31 UTC
Return-Path: <aland@deployingradius.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D6F01C15198E for <radext@ietfa.amsl.com>; Mon, 18 Sep 2023 06:31:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tk9hbNmEKOFa for <radext@ietfa.amsl.com>; Mon, 18 Sep 2023 06:31:13 -0700 (PDT)
Received: from mail.networkradius.com (mail.networkradius.com [62.210.147.122]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C1984C15170B for <radext@ietf.org>; Mon, 18 Sep 2023 06:31:11 -0700 (PDT)
Received: from smtpclient.apple (unknown [75.98.136.130]) by mail.networkradius.com (Postfix) with ESMTPSA id 80502211; Mon, 18 Sep 2023 13:31:01 +0000 (UTC)
Authentication-Results: NetworkRADIUS; dmarc=none (p=none dis=none) header.from=deployingradius.com
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
From: Alan DeKok <aland@deployingradius.com>
In-Reply-To: <CAOW+2dtDiL1DVd+uc0cga5ng+540v1h-Fgdm3Yo=GPOUGCYR0g@mail.gmail.com>
Date: Mon, 18 Sep 2023 09:31:00 -0400
Cc: radext@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <8D4A5243-47E4-44E1-825E-8B74772FD6AF@deployingradius.com>
References: <C3B7208C-C5E9-4F24-A4A3-9786A4568134@gmail.com> <0A108CC4-20E0-4089-9C73-6C321969133D@deployingradius.com> <CAOW+2dtDiL1DVd+uc0cga5ng+540v1h-Fgdm3Yo=GPOUGCYR0g@mail.gmail.com>
To: Bernard Aboba <bernard.aboba@gmail.com>
X-Mailer: Apple Mail (2.3696.120.41.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/3Zi-LYWCNoqlr13i2Etyz4n2qzo>
Subject: Re: [radext] I-D Action: draft-ietf-radext-tls-psk-03.txt
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Sep 2023 13:31:14 -0000
On Sep 18, 2023, at 1:01 AM, Bernard Aboba <bernard.aboba@gmail.com> wrote: > [BA] A more general admonition is better given the past (and most likely future) problems. Sure. Perhaps MUST only use TLS 1.3 or later, as it already has provisions for tying the PSK to the TLS version. > The more basic problem is that secure RADIUS could take more than a decade to deploy, and I'm concerned that we could be into the post-quantum era before we're even at the half-way point. AFAICT, the basic protection mechanism, (D)TLS, should be fine; but credentials (such as PSKs installed for use with TLS 1.3) won't be. > > This makes me wonder whether there is a critical element missing - a credential provisioning mechanism. For example, a mechanism to use a TLS 1.3 PSK to obtain a post-quantum credential usable with TLS 1.4. We've been trying to address that for 20+ years IIRC. I think the good news is that the opposition to these activities seems to have died down. That makes it easier to solve these problems. There may be ways to do this provisioning automatically over RADIUS, but I'm wary of designing yet another provisioning system. We could use existing protocols (e.g. EST RFC 7030), but the NASes typically have minimal resources, and minimal UI. > Secure RADIUS will most likely be a "forklift" (or "dump truck") upgrade. NAS devices approaching (or past) end-of-life may not have a secure upgrade available. So where the service is still viable (e.g. enterprise Wifi), new equipment will need to be purchased and provisioned. This typically runs on a 7 year depreciation cycle. In situations like that, customers tend to become very upset if the equipment becomes obsolete before the end of the depreciation period, because this means that their companies need to "write off" the equipment, which goes direct to the bottom line. Very often, if a major transition can be envisaged (e.g. IPv4 to IPv6), customers will impose requirements to prevent the purchase of equipment that could become obsolete prior to the end of the depreciation lifetime. The good news is that many NASes already support TLS, as they often have web UIs. So the only next step here is to support RADIUS over TLS. And many already do that. I think one way to help that is to push the "deprecation" document. If vendors are embarrassed by having known insecurities, then it's more likely that they will upgrade. > So it's nice to have a story to tell that can reassure them. I agree. I think also that if we can, it is highly beneficial to solve this problem now. That way we don't need to do it again later. And implementors can just fix their systems once, and then get the benefit of the updates without needing to wait a decade. Alan DeKok.
- [radext] I-D Action: draft-ietf-radext-tls-psk-03… internet-drafts
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Alan DeKok
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Alan DeKok
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Heikki Vatiainen
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Alan DeKok
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Heikki Vatiainen
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Michael Richardson
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Alexander Clouter
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Bernard Aboba
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Alan DeKok
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Peter Deacon
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Valery Smyslov
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Alexander Clouter
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Bernard Aboba
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Alan DeKok
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Bernard Aboba
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Alan DeKok
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Valery Smyslov
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Heikki Vatiainen
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Alan DeKok
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Peter Deacon
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Alan DeKok
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Alan DeKok
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Alan DeKok
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Alan DeKok
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Peter Deacon