Re: [radext] I-D Action: draft-ietf-radext-tls-psk-01.txt

Alexander Clouter <alex+ietf@coremem.com> Wed, 09 August 2023 19:30 UTC

Return-Path: <alex+ietf@coremem.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 923B6C1522BE for <radext@ietfa.amsl.com>; Wed, 9 Aug 2023 12:30:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.809
X-Spam-Level:
X-Spam-Status: No, score=-2.809 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=coremem.com header.b="DkEAENq5"; dkim=pass (2048-bit key) header.d=messagingengine.com header.b="fgM+Sumn"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Up28QxLv5ppX for <radext@ietfa.amsl.com>; Wed, 9 Aug 2023 12:30:14 -0700 (PDT)
Received: from wout1-smtp.messagingengine.com (wout1-smtp.messagingengine.com [64.147.123.24]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B3D4C1522AB for <radext@ietf.org>; Wed, 9 Aug 2023 12:30:14 -0700 (PDT)
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.west.internal (Postfix) with ESMTP id 5BE9D3200B0C for <radext@ietf.org>; Wed, 9 Aug 2023 15:30:13 -0400 (EDT)
Received: from imap46 ([10.202.2.96]) by compute5.internal (MEProxy); Wed, 09 Aug 2023 15:30:13 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=coremem.com; h= cc:content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:sender :subject:subject:to:to; s=fm2; t=1691609412; x=1691695812; bh=kf kdsRasXLFaVsqJY5SbApPLpEbGjis/C4CmkT2WP4U=; b=DkEAENq56f204pNAh7 We5jPrGAcLm/Ymq843f8anpSrrHNIhm+XLchbpZKse1xBZY3EKd0DAMCDF17EnGO F6TW5+ITnnARtmaCxEExb2LDigKOvOYNsN3Lgu6fMRrLsQpwNM3unf25hV64Vyqe DENLGRPv9ocQzhoAW6qXve9H7btEtHRI+An34Pdelr1H5gcRe18QBf0BL433/+r2 DcWp+UukZY/94lpVOcHEBz+Mb4F0TTS8frcrF1N3TMNnaEn+gdBqhKTYcOm4lDIA PjcQKGUrj/rHtvLa90YObJsXAQw4tNLu7nbmZ6xm/b38/9aQyztTP0NpGlqbkXii R0KA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm3; t=1691609412; x=1691695812; bh=kfkdsRasXLFaV sqJY5SbApPLpEbGjis/C4CmkT2WP4U=; b=fgM+Sumn8nN2SW968z2VWZfbhBAT7 9IylbyLCq3tJYTt13B1sxh5q9oFDbBShVdTTJ4WsxBROg47ZJemYAgtZAEpmb0st 5P+NcTAWWLan1lE1/rqRug3PbYjW/qbCt85l4VPC3jejcyxtVhBMqI2PL4SY4w42 +mgEothaNOxX+QE5bjPBiKn5YT3ja/bGDzx4iX3q84eFzc44KAHZXHlSr6T4NpfS F0SEDzBmV85CSLRnmd3tkAi30iuwPHoRAJE3O1iyZIB2Paj2HD6xxiUWECnPkMdn 84xxufsqBncY1swF0ihwfPV2UwL2oGxzaR2kV7Hm/Z7nvMyNYhswjhURA==
X-ME-Sender: <xms:ROnTZMHF1KobRQkWZAq_e_4eK2krfX4ZUEeyeuuYM8RlEKugqOfs7Q> <xme:ROnTZFW1JdpjPip7yEG_jhKIJPoAmmJqNiXTRbCPDle9ks7KbAWNE1AJEamsFvHAZ l_XNqqAQlN3spHv0g>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedviedrleeggddufeeiucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefofgggkfgjfhffhffvufgtsehttd ertderredtnecuhfhrohhmpedftehlvgigrghnuggvrhcuvehlohhuthgvrhdfuceorghl vgigodhivghtfhestghorhgvmhgvmhdrtghomheqnecuggftrfgrthhtvghrnhepuddtvd ehvdfgvdeijeehfffgleegudfhtedvtdduudekffejjeeihfeludektedunecuffhomhgr ihhnpehivghtfhdrohhrghenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmh grihhlfhhrohhmpegrlhgvgidoihgvthhfsegtohhrvghmvghmrdgtohhm
X-ME-Proxy: <xmx:ROnTZGLrtJrjBT8QclYZVFkLdTr76ZO7o7lb2zOPww5jyFx6UaUCKw> <xmx:ROnTZOGwvamLOVeKSrdUGsaHKVffzwNDvSomi2h-tLkEFeV8fbUqjQ> <xmx:ROnTZCU6XhyLpehKXMqg0s-zPXWE3r5xGNemIkoVW6VIoPw-Uo1P-w> <xmx:ROnTZKjHdSz2r3t8qHNet6R-s5zrUbOEjV639nShFD9z5X9fXdpAVw>
Feedback-ID: ie3614602:Fastmail
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 757AC2A20085; Wed, 9 Aug 2023 15:30:12 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.9.0-alpha0-624-g7714e4406d-fm-20230801.001-g7714e440
Mime-Version: 1.0
Message-Id: <77dac3b2-73be-4170-8a6e-17a70361e750@app.fastmail.com>
In-Reply-To: <169151650874.8889.17786705009619055833@ietfa.amsl.com>
References: <169151650874.8889.17786705009619055833@ietfa.amsl.com>
Date: Wed, 09 Aug 2023 20:29:52 +0100
From: Alexander Clouter <alex+ietf@coremem.com>
To: radext@ietf.org
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/4y3tjkLyiKaiaQSlAbbcXs6dJ7A>
Subject: Re: [radext] I-D Action: draft-ietf-radext-tls-psk-01.txt
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Aug 2023 19:30:18 -0000

On Tue, 8 Aug 2023, at 18:41, internet-drafts@ietf.org wrote:
>
>    Title           : RADIUS and TLS-PSK
>    Author          : Alan DeKok
>    Filename        : draft-ietf-radext-tls-psk-01.txt
>    Pages           : 12
>    Date            : 2023-08-08
>
> Abstract:
>    This document gives implementation and operational considerations for
>    using TLS-PSK with RADIUS/TLS (RFC6614) and RADIUS/DTLS (RFC7360).

Section 4.1:

I keep re-reading the following and I just don't "get it":

"If an implementation supports both TLS 1.2 and TLS 1.3, it MUST require that TLS 1.3 be negotiated in RADIUS/TLS and RADIUS/DTLS. This requirement prevents reuse of a PSK with multiple TLS versions, which prevents the attacks discussed in [RFC8446] Section E.7."

I understand we need to avoid reusing the same PSK across versions but my brain parses this paragraph as "if your implementation supports both 1.2 and 1.3...just delete the code supporting 1.2 immediately".

I remember, but cannot find, some discussion about this being maybe tied back to avoiding a client being upgraded that was 1.2 only, to support 1.2 and 1.3 but still retaining the same secret and the proceeding to try using it for 1.3.

So I am confused about what the action is here for an implementor if I want to support TLS-PSK on 1.2?

Section 5:

"Implementations MUST use ECDH cipher suites", any reason why I cannot use anything else now or in the future? Should this be "MUST support" instead?

Misc:

s/identies/identities/gi
s/docoument/document/g
s/deriviation/derivation/g
s/administators/administrators/g
s/Implementaions/Implementations/
s/tempation/temptation/g
s/constrast/contrast/g
s/yserver/server/g
s/signicantly/significantly/g
s/supprted/supported/g

Cheers

[1] https://mailarchive.ietf.org/arch/msg/radext/WqO-u5pCZxpIVocm8O7svNd6qhM/