IETF Logo Mail Archive

Re: [radext] WGLC for draft-ietf-radext-radiusv11-02

Alan DeKok <aland@deployingradius.com> Thu, 26 October 2023 18:07 UTC

Return-Path: <aland@deployingradius.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 910E5C151070 for <radext@ietfa.amsl.com>; Thu, 26 Oct 2023 11:07:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id togWrYQHGgeC for <radext@ietfa.amsl.com>; Thu, 26 Oct 2023 11:07:14 -0700 (PDT)
Received: from mail.networkradius.com (mail.networkradius.com [62.210.147.122]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1152AC14CE45 for <radext@ietf.org>; Thu, 26 Oct 2023 11:06:30 -0700 (PDT)
Received: from smtpclient.apple (135-23-95-173.cpe.pppoe.ca [135.23.95.173]) by mail.networkradius.com (Postfix) with ESMTPSA id 694FF308; Thu, 26 Oct 2023 18:06:25 +0000 (UTC)
Authentication-Results: NetworkRADIUS; dmarc=none (p=none dis=none) header.from=deployingradius.com
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
From: Alan DeKok <aland@deployingradius.com>
In-Reply-To: <586a427e-b2d0-f4ff-aab6-1946ece7e50d@iea-software.com>
Date: Thu, 26 Oct 2023 14:06:23 -0400
Cc: Valery Smyslov <valery@smyslov.net>, radext@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <60941FFF-0FC1-4560-B5D0-A11FC3F31268@deployingradius.com>
References: <06a401da0827$838550f0$8a8ff2d0$@smyslov.net> <586a427e-b2d0-f4ff-aab6-1946ece7e50d@iea-software.com>
To: Peter Deacon <peterd@iea-software.com>
X-Mailer: Apple Mail (2.3696.120.41.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/9JZk_-kiiX2UExf3rSzUYS-DVU0>
Subject: Re: [radext] WGLC for draft-ietf-radext-radiusv11-02
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Oct 2023 18:07:16 -0000

On Oct 26, 2023, at 1:07 PM, Peter Deacon <peterd@iea-software.com> wrote:
> I don't think this document should move forward unless security standards related claims are either withdrawn or objectively substantiated.
> 
> As I provided reference for earlier and has been conveyed by others use of unapproved algorithms for non-security reasons is NOT disallowed by FIPS-140.

  From the text you quoted:

> "In addition, the dependency on
>   MD5 makes it impossible to use RADIUS in a FIPS-140 compliant system,
>   as FIPS-140 forbids systems from relying on insecure cryptographic
>   methods for security."

  That text addresses your concerns, does it not?

  Perhaps it could be touched up slightly to say:

	... the reliance on MD5 for security ...

> Further unless there has been a credible review of these systems WRT relevant standards text implying compliance is inappropriate.

  The text doesn't suggest that removing MD5 means that the systems are FIPS compliant.  It suggests that removing MD5 makes it easier for them to be *capable* of FIPS compliance.

  I don't see any text in the document which says "systems implementing this standard are by definition FIPS compliant".

  As such, I don't see how the above comment is relevant to the text in the document.

> " Systems which implement this transport profile are therefore capable of being FIPS-140 compliant. "

  That statement can be word smithed a bit.

  The issue people run into is that it's hard to audit software for FIPS compliance.  If the software uses MD5, is that being used for security, or for something else?  Unless they read the source code to all of the programs, they can't really tell.

  As a result. the simplistic approach is to just ban MD5 completely.  If MD5 is not used at all, it can't be used for security.  And therefore it's easier to demonstrate compliance.

  So the intent of the above statements is that it's easier to show FIPS compliant if they don't have MD5.

  Perhaps instead:

	Systems which implement this transport profile are more easily verified to be FIPS-140 compliant.

> " A major benefit of this extensions is that a home server which
>   implements it can also choose to also be fully FIPS-140 compliant."

  Perhaps instead:

	A major benefit of this extensions is that a home server which implements it can also be more easily verified for FIPS-140 compliance.  That is, a home server can remove all uses of MD4 and MD5, which means that those algorithms are provably not used for security purposes.

  I think these minor changes should address all of your concerns.

  Alan DeKok.

v2.23.0 | Report a Bug | By Email