Re: [radext] I-D Action: draft-ietf-radext-tls-psk-02.txt
Heikki Vatiainen <hvn@radiatorsoftware.com> Sun, 20 August 2023 16:34 UTC
Return-Path: <hvn@radiatorsoftware.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 03714C14CEFF for <radext@ietfa.amsl.com>; Sun, 20 Aug 2023 09:34:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.907
X-Spam-Level:
X-Spam-Status: No, score=-6.907 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=radiatorsoftware-com.20221208.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z1R6fnOuRN0V for <radext@ietfa.amsl.com>; Sun, 20 Aug 2023 09:34:36 -0700 (PDT)
Received: from mail-ed1-x52e.google.com (mail-ed1-x52e.google.com [IPv6:2a00:1450:4864:20::52e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 09716C14F74E for <radext@ietf.org>; Sun, 20 Aug 2023 09:34:35 -0700 (PDT)
Received: by mail-ed1-x52e.google.com with SMTP id 4fb4d7f45d1cf-51d95aed33aso3195830a12.3 for <radext@ietf.org>; Sun, 20 Aug 2023 09:34:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=radiatorsoftware-com.20221208.gappssmtp.com; s=20221208; t=1692549273; x=1693154073; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=c405uyDh+qcgmSSG9BrGQT7GiEJBvznCpKsdIa4vD1k=; b=lO47l6w9VdFccHOUaGQJzxIBn0AGPGdQABoPiMUrkIg7+u7yrW9lZVktKwQTn/NKuT njvgZ3QhoeIuN9AGuBvt8/ysEQuaG1W+qch2aCjKq7C2PJjBH03/VAwub9KHCFABSvs5 Z3vvMiPXieivDl+w+yRZR5Qc7V9X8Vg4LNfqILpIGGwuFzbdOvSWMhGSI6+thuu4GihA IZndGzmeReZpa4A/eSpZkelh2ViTogf+3QkQKf8w2yKR3R0gR3NkrDAnHhP8V5Ia882d q7wVrV0lzZgmqne3pYKzLhFfufqvxzJXiyBuTJxZW9KzOolTEw7Gy4WYQfru3CraCQUV ZTqA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1692549273; x=1693154073; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=c405uyDh+qcgmSSG9BrGQT7GiEJBvznCpKsdIa4vD1k=; b=SXz+yVij58QaENLBCaMcIxaXAnH0QlE/S5j+D6gECMqfSRGQqA1L3cXcRoGhfpyhbp VqaGeU/kif3ldPIZzh+SE0aOtGnuH19uKpF+vYhWnmaRmFV5W6tBm33lF+l7zokkmzU8 cEXCQD6sE7/bSZ5TvBSIDA7zjzmA4pDMvs1HiZRBkNahXxrOSDFW6ksDLG4+iVZ0CslR ib1do9LH7qqC0pLlfV1FsuHO3sxk+IUlraw3g0ovF09uj6nqBoFmtbD+4vvC83R2kaHN YGUL5xzwXrsIQX05PO4Zznv5DL0oInFPGa2oaFvNKYWm6l878MjQnV4KDCQekBaCui0f 1ZrQ==
X-Gm-Message-State: AOJu0YynGyFZ1me1z/alKoWIAYEpGr6Qcdt0OT1347laf5Nj0yetsAIX +wlJ5Amj8fcOCw7fsH0b3ZbSnpwFIoBLn23fCmCMkK96h32LwaY4
X-Google-Smtp-Source: AGHT+IEztYOT5JnjVdXgg/x94L1y6PL9cCGjcsCBBm5aHHI4KF8U2NOo1M7y7/TCoQNSZLA7WI5CTWueRyzxTIMmXA8=
X-Received: by 2002:aa7:c48f:0:b0:522:3cf4:9d86 with SMTP id m15-20020aa7c48f000000b005223cf49d86mr3144704edq.33.1692549273447; Sun, 20 Aug 2023 09:34:33 -0700 (PDT)
MIME-Version: 1.0
References: <169238915704.56283.13664283366489431030@ietfa.amsl.com> <B2006538-89E0-46AC-9834-1854D586B3D3@deployingradius.com> <2060ecfc-65d0-47d0-9c41-edebf6478478@app.fastmail.com> <7FC7064B-0CFA-49D8-8D9E-46E260328DC6@deployingradius.com>
In-Reply-To: <7FC7064B-0CFA-49D8-8D9E-46E260328DC6@deployingradius.com>
From: Heikki Vatiainen <hvn@radiatorsoftware.com>
Date: Sun, 20 Aug 2023 19:34:17 +0300
Message-ID: <CAA7Lko8V9c4V1gyRw8WX=fmb+bZ6zaZLk-7NRCnVqZOe5ZYJAQ@mail.gmail.com>
To: radext@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/71dSvAUpbcHbcbl4-HbGdH2NPIc>
Subject: Re: [radext] I-D Action: draft-ietf-radext-tls-psk-02.txt
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 20 Aug 2023 16:34:40 -0000
On Sun, 20 Aug 2023 at 15:56, Alan DeKok <aland@deployingradius.com> wrote: > > On Aug 20, 2023, at 2:49 AM, Alexander Clouter <alex+ietf@coremem.com> wrote: > > "Implementations MUST use ECDH cipher suites", is this not meant to be "Implementations MUST support ECDH cipher suites" or because pinning cipher suites tends to not age well? > > I'll fix that for sure this time. Here's my suggestion: - first, use IANA recommended ciphersuites; then - with TLS 1.3 use "psk_dhe_ke" PSK key exchange mode - with TLS 1.2 and earlier use ciphersuites that require ephemeral keying. Currently a couple of TLS_(EC)DHE_ prefixed ciphersuites would match the both requirements. In other words, IANA recommended ciphersuites and ephemeral keying are required. It depends on the TLS version (1.3 or earlier) how ephemeral keying is expressed; based on the ciphersuite definition (TLS 1.2 and earlier) or by requiring a suitable key exchange model (TLS 1.3). Regarding my earlier question whether the text "Implementations MUST use ECDH cipher suites" wants to mandate only ECDH or was the purpose to require ephemeral keying, the question is related to the potential DH problems summarised here: https://www.openssl.org/blog/blog/2022/10/21/tls-groups-configuration/ One of the mitigation suggestions is to disable DH and use only ECDH with selected groups. But I'd say there's no need to go to this level of detail in an RFC. -- Heikki Vatiainen hvn@radiatorsoftware.com
- [radext] I-D Action: draft-ietf-radext-tls-psk-02… internet-drafts
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Alan DeKok
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Alexander Clouter
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Alan DeKok
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Heikki Vatiainen
- Re: [radext] I-D Action: draft-ietf-radext-tls-ps… Alan DeKok