Re: [radext] Confirmation of Adoption of Deprecating Insecure Uses of RADIUS as a WG work item

Alexander Clouter <alex+ietf@coremem.com> Tue, 08 August 2023 22:46 UTC

Return-Path: <alex+ietf@coremem.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 46B7BC15153D for <radext@ietfa.amsl.com>; Tue, 8 Aug 2023 15:46:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.804
X-Spam-Level:
X-Spam-Status: No, score=-2.804 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=coremem.com header.b="NRLiUHDe"; dkim=pass (2048-bit key) header.d=messagingengine.com header.b="2bi2clBp"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Nvrfdv-RX5GE for <radext@ietfa.amsl.com>; Tue, 8 Aug 2023 15:46:53 -0700 (PDT)
Received: from wout4-smtp.messagingengine.com (wout4-smtp.messagingengine.com [64.147.123.20]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 97D05C151546 for <radext@ietf.org>; Tue, 8 Aug 2023 15:46:53 -0700 (PDT)
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.west.internal (Postfix) with ESMTP id F074C3200805 for <radext@ietf.org>; Tue, 8 Aug 2023 18:46:52 -0400 (EDT)
Received: from imap46 ([10.202.2.96]) by compute5.internal (MEProxy); Tue, 08 Aug 2023 18:46:53 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=coremem.com; h= cc:content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:sender :subject:subject:to:to; s=fm2; t=1691534812; x=1691621212; bh=UN KE1hBiGy7tu/PGOSRUdmQUN5akMAKX90rbFuhAtBo=; b=NRLiUHDe92b2PPqJy4 Q//wVljLrOsS+mOC9uqrqQKyxUCBVGRCN9K1nMJour+w4wPMJ73ztpAnR2p8Myeh JwYNB8t+BLVCJ0JQWbrGv/WVM5atl7CA/V0fi5yvOca5bsbcHPu3fPf5N3QnwSb7 Rle0p6H3LJU1YXv1ESf+3090yhfiRg4A0XC9YjNBY+wUJ4l5GeB3M8dFGjAbvC6e d1XjYfP01gtQQxbCJ6wGbOMdlu4TNts4hUGI5lqY7oanIc4Lsa1Z0vwUfKtr320s 9dwI/SaqTtDcsOJTEZPJM5Idcoy0F5L6gJhCQ4tYtwTjkaYkVpVUV5M8fjCu7JQY kzXw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm3; t=1691534812; x=1691621212; bh=UNKE1hBiGy7tu /PGOSRUdmQUN5akMAKX90rbFuhAtBo=; b=2bi2clBpy+qgWrgjXPuji5yhY8vXq X6xNwzcTa8Tw3iUuc6xCg/xamsXvVWv3AOC8FEKT95OGTcW0kP4VLp4gnGC4+EQN zOeRe+54EUCvtIkVp3uX0v8O/i9OxVhk6MkRHWyg8v0VSYbCBWij1fq4Y+u/YL+Y DPZ2uR7LZBFnC/lYAnCw023tdN9+fKxkbrlz4DCf+QKxNp86GlxWOEXl5J0+YZFq GLA+xN8iinjCpQDfw4cBVWsYHR1J05m8Kkfx9DMYm4lufRc1MBJdIpmbVZaJUDge QvtxVWBNUjfS4uFca4h9+/MYS9Cqbef+ZeVjBXMgynv0bO4et9Zd/8JgA==
X-ME-Sender: <xms:3MXSZDs_zwJ53VkYp4z7k_QgeCRkNWLhuokTOuAal0tkyOdKGfIcKw> <xme:3MXSZEcKZyHLfawolF5BlyeWW2WcelEx0uxaK09KAt9oDAvciKR9jEeLUR52Z3jsj f9BWJa2o48bkN4jNA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedviedrleefgddufecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepofgfggfkjghffffhvffutgesrgdtre erreerjeenucfhrhhomhepfdetlhgvgigrnhguvghrucevlhhouhhtvghrfdcuoegrlhgv gidoihgvthhfsegtohhrvghmvghmrdgtohhmqeenucggtffrrghtthgvrhhnpeegkeeggf efgeelffefheeuleeluddtuddvkeevhfffkeelhfdutdetieeljefgfeenucffohhmrghi nhepihgvthhfrdhorhhgnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrg hilhhfrhhomheprghlvgigodhivghtfhestghorhgvmhgvmhdrtghomh
X-ME-Proxy: <xmx:3MXSZGyC784WjJxQtr6LlGIAcR5l8Z0PtfsK2eB0OwdhmkC2UZHUJQ> <xmx:3MXSZCP8mnMGoQn6MDbloFJlCwgC1z9Przk54M1ckfO0F26BZzJ1Pw> <xmx:3MXSZD-RDH7y62ARLysd5bRKJYEa7x0nXKqNI0OxJLJENHfqwz2sbg> <xmx:3MXSZGI21GkOQZVA7I5cxdsmsiP9cWA7ttTRcQkozw1lSAc2vXD42w>
Feedback-ID: ie3614602:Fastmail
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 434412A20085; Tue, 8 Aug 2023 18:46:52 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.9.0-alpha0-624-g7714e4406d-fm-20230801.001-g7714e440
Mime-Version: 1.0
Message-Id: <f2399ee0-ee9a-49ca-8f4c-46f737033b5d@app.fastmail.com>
In-Reply-To: <02B774FC-E179-4689-99DB-D8462ECD6EB9@gmail.com>
References: <02B774FC-E179-4689-99DB-D8462ECD6EB9@gmail.com>
Date: Tue, 08 Aug 2023 23:46:30 +0100
From: Alexander Clouter <alex+ietf@coremem.com>
To: radext@ietf.org
Content-Type: multipart/alternative; boundary="b34b9213c7b54b0f9308774ba2fbd2a0"
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/E-Mv4iyVq-FS6yx-aHULepuPDIA>
Subject: Re: [radext] Confirmation of Adoption of Deprecating Insecure Uses of RADIUS as a WG work item
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Aug 2023 22:46:58 -0000

On Thu, 3 Aug 2023, at 17:03, Margaret Cullen wrote:
> During the Interim WG Meeting in March, there was consensus of those present to adopt the “Deprecating Insecure Uses of RADIUS” draft (https://datatracker.ietf.org/doc/draft-dekok-radext-deprecating-radius/) as a WG work item.  It has since been pointed out that the consensus from that meeting was not properly confirmed on the mailing list.  Therefore…
> 
> We are officially asking the group to confirm the decision made at the March Interim Meeting to adopt https://datatracker.ietf.org/doc/draft-dekok-radext-deprecating-radius/ as a Working Group work item, to fulfill the following charter item:
> 
>  • Deprecating the use of insecure transports outside of secure networks. This work updates RFC 6421.
> 
> Please read the draft and send a reply clearly indicating whether you DO SUPPORT or DO NOT SUPPORT adoption of this draft as a WG work item.  Please start a separate thread for any feedback or questions about the document.

I support adoption.

Thanks