Re: [radext] PSK identity encoding in Radius TLS-PSK
Alan DeKok <aland@deployingradius.com> Tue, 19 March 2024 05:06 UTC
Return-Path: <aland@deployingradius.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DE81DC14F5F8 for <radext@ietfa.amsl.com>; Mon, 18 Mar 2024 22:06:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.907
X-Spam-Level:
X-Spam-Status: No, score=-1.907 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V-Ix3UfKjxxW for <radext@ietfa.amsl.com>; Mon, 18 Mar 2024 22:05:58 -0700 (PDT)
Received: from mail.networkradius.com (mail.networkradius.com [62.210.147.122]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2AC4AC14F614 for <radext@ietf.org>; Mon, 18 Mar 2024 22:05:57 -0700 (PDT)
Received: from smtpclient.apple (dhcp-809c.meeting.ietf.org [31.133.128.156]) by mail.networkradius.com (Postfix) with ESMTPSA id E5EE27E1; Tue, 19 Mar 2024 05:05:52 +0000 (UTC)
Authentication-Results: NetworkRADIUS; dmarc=none (p=none dis=none) header.from=deployingradius.com
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
From: Alan DeKok <aland@deployingradius.com>
In-Reply-To: <CAA7Lko9tyzPDAhi83ij0ZkKPwt=g_yFXAKyV6QYEs60nAx2_qA@mail.gmail.com>
Date: Tue, 19 Mar 2024 15:05:20 +1000
Cc: radext@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <FFE816A4-5767-4509-B8F2-5702B3F89F25@deployingradius.com>
References: <CAA7Lko9tyzPDAhi83ij0ZkKPwt=g_yFXAKyV6QYEs60nAx2_qA@mail.gmail.com>
To: Heikki Vatiainen <hvn@radiatorsoftware.com>
X-Mailer: Apple Mail (2.3696.120.41.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/KoWk2MP2kRDKbwgbh_ZqvnUxE1Q>
Subject: Re: [radext] PSK identity encoding in Radius TLS-PSK
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Mar 2024 05:06:02 -0000
On Mar 19, 2024, at 12:15 PM, Heikki Vatiainen <hvn@radiatorsoftware.com> wrote: > > draft-ietf-radext-tls-psk-09 currently states: > https://www.ietf.org/archive/id/draft-ietf-radext-tls-psk-09.html#section-4.2-9 > > 3. When the server issues session tickets for resumption, the server ensures that they are not valid UTF-8. > 4. One way to do this is to use stateless resumption with a forced non-UTF-8 key_name per [RFC5077], Section 4, such as by setting one octet to 0x00. > 5. When receiving TLS, the server receives Client-Hello containing a PSK, and checks if the identity is valid UTF-8 > > UTF-8 encoding of ASCII NUL (an octet with all bits set to zero) is 0x00. Therefore the above steps seem suspect. 0x00 is valid UTF-8. > https://en.wikipedia.org/wiki/Null_character#Encoding OK. The document should be updated, then. > In general, binary data put through a UTF-8 decode may return success even when the binary data didn't originate from a UTF-8 encode call. A remainder in the sample validation flow would be useful. I think it's best to rephrase this as "printable text" versus "UTF-8 data". And to clarify that we're not mandating behavior, but instead documenting it. Most sites will likely use short humanly-readable text for normal identifiers, and long binary blobs for resumption identifiers. So that's perhaps the document should explain it that way, Alan DeKok.
- [radext] PSK identity encoding in Radius TLS-PSK Heikki Vatiainen
- Re: [radext] PSK identity encoding in Radius TLS-… Alan DeKok