Re: [radext] New DTLS document

Peter Deacon <peterd@iea-software.com> Mon, 29 April 2013 21:39 UTC

Date: Mon, 29 Apr 2013 14:39:35 -0700
From: Peter Deacon <peterd@iea-software.com>
To: Jouni Korhonen <jouni.nospam@gmail.com>
In-Reply-To: <0E1BBA4B-1985-43C3-800A-AF336CABEF30@gmail.com>
Message-ID: <alpine.WNT.2.00.1304291130500.9792@SMURF>
References: <516EA97E.2000005@deployingradius.com> <C47910C2-BCEA-4DC2-A016-C98D67B62DD9@gmail.com> <A95B4818FD85874D8F16607F1AC7C628B4032E@xmb-rcd-x09.cisco.com> <0E1BBA4B-1985-43C3-800A-AF336CABEF30@gmail.com>
Cc: radext@ietf.org, "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>, Alan DeKok <aland@deployingradius.com>
Subject: Re: [radext] New DTLS document

On Mon, 29 Apr 2013, Jouni Korhonen wrote:

> Thanks Joe for the detailed comments. Just a few generic questions to the WG.

> 1) Do you agree with Joe's suggestion to use the same port as RADSEC:
> 	radius-dtls 2083/udp RADIUS over DTLS [RFCTBD]

Yep

> 2) Do you think Joe's concern on Section 5.1.2 "disambiguation recommendation"
>   is something that needs to be reconsidered...

This does not seem to be difficult to mitigate against.  I think any of 
the following would be an improvement:

Either a 4-byte or a single-byte header.

    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |     Code      |          Session ID  (Issue #64)              |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    | DTLS ...

or

    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |     Code      |          DTLS ...
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

or

Removal of disambiguation.  DTLS implementations are expected to use the 
DTLS port.

Would prefer any of the above changes, with a preference for removal of 
disambiguation; however, I am also willing to live with the draft as-is.

regards,
Peter
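As an added illustration (not code from this thread or from the RADIUS/DTLS draft) of how a receiver on the shared port would demultiplex the two prefixed layouts proposed above from plain RADIUS, in Python. The prefix Code value, the hypothetical frame/classify function names and the sample packets are assumptions, since the message leaves the concrete Code value open; the RADIUS length bounds are those of RFC 2865 and the 13-byte record header is that of DTLS.

```python
import struct

# Assumed placeholder (the thread leaves the value open): the Code byte that
# marks a datagram as prefixed DTLS rather than plain RADIUS.  Any plain RADIUS
# Code equal to this value could never be carried on the shared port.
DTLS_PREFIX_CODE = 0xFF

RADIUS_MIN_LEN, RADIUS_MAX_LEN = 20, 4096   # RFC 2865 packet length bounds
DTLS_HDR_LEN = 13                           # type(1) version(2) epoch(2) seq(6) length(2)
DTLS_CONTENT_TYPES = {20, 21, 22, 23}       # change_cipher_spec, alert, handshake, app data

def frame_dtls(record: bytes, session_id=None) -> bytes:
    """Prepend the proposed header: Code + 24-bit Session ID, or Code alone."""
    if session_id is None:
        return bytes([DTLS_PREFIX_CODE]) + record
    if not 0 <= session_id < (1 << 24):
        raise ValueError("Session ID must fit in 24 bits")
    return bytes([DTLS_PREFIX_CODE]) + session_id.to_bytes(3, "big") + record

def classify(datagram: bytes, header_len: int):
    """Demultiplex one UDP payload from the shared port.  header_len is 4
    (Code + Session ID) or 1 (Code only).  Returns ("dtls", session_id, record),
    ("radius", None, packet) or ("drop", reason, None)."""
    if not datagram:
        return ("drop", "empty datagram", None)
    if datagram[0] == DTLS_PREFIX_CODE:
        record = datagram[header_len:]
        if len(record) < DTLS_HDR_LEN or record[0] not in DTLS_CONTENT_TYPES:
            return ("drop", "malformed DTLS record", None)
        rec_len = struct.unpack("!H", record[11:13])[0]
        if rec_len != len(record) - DTLS_HDR_LEN:
            return ("drop", "DTLS length mismatch", None)
        session = int.from_bytes(datagram[1:4], "big") if header_len == 4 else None
        return ("dtls", session, record)
    # No prefix: treat as plain RADIUS and apply the RFC 2865 length sanity checks
    if len(datagram) < RADIUS_MIN_LEN:
        return ("drop", "short RADIUS packet", None)
    length = struct.unpack("!H", datagram[2:4])[0]
    if not RADIUS_MIN_LEN <= length <= len(datagram) or length > RADIUS_MAX_LEN:
        return ("drop", "bad RADIUS Length field", None)
    return ("radius", None, datagram[:length])

def sample_dtls_record(body: bytes = b"abc") -> bytes:
    """Constructed DTLS 1.2 handshake record (version 0xFEFD, epoch 0, seq 0) for testing."""
    return bytes([22]) + b"\xfe\xfd" + b"\x00\x00" + b"\x00" * 6 + struct.pack("!H", len(body)) + body

def sample_radius_packet() -> bytes:
    """Constructed minimal Access-Request: Code 1, Identifier 0, Length 20, zero Authenticator."""
    return bytes([1, 0]) + struct.pack("!H", 20) + b"\x00" * 16
```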