Re: [radext] the future of RADEXT
Oleg Pekar <oleg.pekar.2017@gmail.com> Wed, 09 February 2022 17:50 UTC
Return-Path: <oleg.pekar.2017@gmail.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2FDD53A0AF9 for <radext@ietfa.amsl.com>; Wed, 9 Feb 2022 09:50:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.847
X-Spam-Level:
X-Spam-Status: No, score=-1.847 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aE6kKy52QMPr for <radext@ietfa.amsl.com>; Wed, 9 Feb 2022 09:50:00 -0800 (PST)
Received: from mail-pf1-x432.google.com (mail-pf1-x432.google.com [IPv6:2607:f8b0:4864:20::432]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A58243A0AAB for <radext@ietf.org>; Wed, 9 Feb 2022 09:50:00 -0800 (PST)
Received: by mail-pf1-x432.google.com with SMTP id 9so2685440pfx.12 for <radext@ietf.org>; Wed, 09 Feb 2022 09:50:00 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=MQjKUTVRMVGv4qwk9UFuETysXoOSBraSgIKz5h87JFM=; b=dskWzmx/ZpJLw4+rqpP2Wfp+k43XE+9AdqzsQFdRJjcoCCrnh5CvP7/I1/V0bMOcaM g8MVR4e7NjOldX0TfIEuqAD19MT144DjxNk2wI4vC62WIBbdj/q5N3Une+lG11C5AuVi /roColFh9S4SgA7kvjGFSROgc1DDs0Zl9s1rKX7nfAec8IOeetgDLhMGCINAHP/y8spR iRmaWxFcMbzHvsJSwUXM/jGU1nao5kKdWUeFMolKFuF8q9UIheCnJcWQzlqehZLIyrIz T62qPg+gVS5NlVZDr/N/PApYk4lestp0QAhaWYln//I0SNtrNnrSpajj7jeKE+2CXYpR VeHw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=MQjKUTVRMVGv4qwk9UFuETysXoOSBraSgIKz5h87JFM=; b=i7DhXzilpaQV3Q9epvzXHGG3BzT5e3gdDlhbO/la5dWe2uL6Qw1HKjuM8EtduC5l+d 3bQ6G6hKgN2kAfIY21pb90SV/HQegTSC8SXae9nO8xZ/4vWqLPYy3b9/UFMKZoFiwZz1 uyWKXwcqth9E+tIRoorIQqljaK94f7THQ5nDazw/p+PjhnknTx5zfVxz2f46KcN8NFVw vQjFLNV8IE/SWlhc6Px9lxBBSPmbykm5M3+go+S+TmhDYYeN51I0pjtBwNI5/VmK4Om8 kUR6xU/MED4aHBdLFdZj8+iMYos5OpxYLIy2/MLSYbAAdsb5I+UVOGvPmXu2wegubyQ0 LJ4g==
X-Gm-Message-State: AOAM530U5BHXa25pdzu8b158HHJRGk2rEvK+tECH3/OveeE1/AMCdgjz 8moFc0MC4CRqlbvRndi1eDkSR6IFPjHV7neW4oA=
X-Google-Smtp-Source: ABdhPJxLfnMJo54rdVqk/4P7KaZgGBgwmMhU/BH7XA2PXxEDFxz8ZEdeN/6AqtMYgU8jfx1BXS8QcE7r/REDOymlr/g=
X-Received: by 2002:a05:6a00:1a8d:: with SMTP id e13mr3468054pfv.82.1644428998424; Wed, 09 Feb 2022 09:49:58 -0800 (PST)
MIME-Version: 1.0
References: <20220208185920.GK48552@kduck.mit.edu> <46636323-221D-4CBE-9E97-8425A82F2460@deployingradius.com> <CAOW+2duwKw-hnF+rzD9-4dG0Bq989Y8BALmOfuTdEZZzQv-WFA@mail.gmail.com> <24556_1644400373_62038EF5_24556_70_1_a640e7a651304caba8267c4e50566d54@orange.com>
In-Reply-To: <24556_1644400373_62038EF5_24556_70_1_a640e7a651304caba8267c4e50566d54@orange.com>
From: Oleg Pekar <oleg.pekar.2017@gmail.com>
Date: Wed, 09 Feb 2022 19:49:46 +0200
Message-ID: <CABXxEz8EGNgZYrS5B0oxv+XaH0GXgz020u+9CaMvuKNLjNneiw@mail.gmail.com>
To: lionel.morand@orange.com
Cc: Bernard Aboba <bernard.aboba@gmail.com>, Alan DeKok <aland@deployingradius.com>, "radext@ietf.org" <radext@ietf.org>, Benjamin Kaduk <kaduk@mit.edu>
Content-Type: multipart/alternative; boundary="0000000000004f3b3b05d799766e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/N_76b8lZCpzMAiGIthvDsN0N4-U>
Subject: Re: [radext] the future of RADEXT
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Feb 2022 17:50:05 -0000
I would be happy to see this WG alive. On Wed, Feb 9, 2022 at 11:53 AM <lionel.morand@orange.com> wrote: > I would be happy to contribute. > > > > Lionel > > > > > > Orange Restricted > > *De :* radext <radext-bounces@ietf.org> *De la part de* Bernard Aboba > *Envoyé :* mardi 8 février 2022 21:18 > *À :* Alan DeKok <aland@deployingradius.com> > *Cc :* radext@ietf.org; Benjamin Kaduk <kaduk@mit.edu> > *Objet :* Re: [radext] the future of RADEXT > > > > Alan said: > > > > "It would be useful to standardize RFC 6613, 6614, and 7360. Along with > updating them for TLS 1.3, and adding things like Server Name Indicator." > > > > [BA] RFC 6421 laid out the process for developing a crypto-agile version > of RADIUS. The last phase of that roadmap (selection of standardization > candidates) remains outstanding, and needs to be completed. > > > > "I suspect, however, that there is limited interest, even though such work > would be useful." > > > > [BA] A secure version of RADIUS will not be easy to deploy, but it's an > important task nevertheless. The information that flows unprotected over > networks via RADIUS includes information on the control and management of > network devices as well as information that can be used to determine the > location of users. From a cryptographic standpoint, the RADIUS protocol > was substandard in the 1990s, and now, 30 years later it represents a major > weakness in critical infrastructure. That's the kind of problem that > governments may want to take an interest in fixing. > > > > > > > > > > > > > > > > > > On Tue, Feb 8, 2022 at 11:26 AM Alan DeKok <aland@deployingradius.com> > wrote: > > On Feb 8, 2022, at 1:59 PM, Benjamin Kaduk <kaduk@mit.edu> wrote: > > As such, I believe that we should close the RADEXT WG and continue to > > redirect further RADIUS work to OPSAWG, including solutions for the > > Identifier problem if energy appears to work on them. > > I think that's reasonable. > > > Please let me know (on list is fine) if you have concerns about this plan > > by 22 February 2022, along with any alternative proposals that might > > address those concerns. However, in order to demonstrate that there is > > energy to keep the WG open and make progress on our remaining chartered > > item, I would need to see interest from multiple individuals in pursuing > > such a course of action, along with an estimate for when such work would > > ultimately be completed (that would function as a deadline for > re-assessing > > the WG's progress and possibly closing the WG if insufficient progress is > > being made). > > I'm happy to work on RADIUS things. It would be useful to standardize > RFC 6613, 6614, and 7360. Along with updating them for TLS 1.3, and adding > things like Server Name Indicator. > > I suspect, however, that there is limited interest, even though such > work would be useful. > > > This is by no means a failure outcome; the WG has produced a lot of good > > work and we should be proud of what we have accomplished even as we look > > forward to what might be done in OPSAWG in the future. > > I agree. > > Alan DeKok. > > _______________________________________________ > radext mailing list > radext@ietf.org > https://www.ietf.org/mailman/listinfo/radext > > _________________________________________________________________________________________________________________________ > > Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc > pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler > a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, > Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. > > This message and its attachments may contain confidential or privileged information that may be protected by law; > they should not be distributed, used or copied without authorisation. > If you have received this email in error, please notify the sender and delete this message and its attachments. > As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. > Thank you. > > _______________________________________________ > radext mailing list > radext@ietf.org > https://www.ietf.org/mailman/listinfo/radext >
- [radext] the future of RADEXT Benjamin Kaduk
- Re: [radext] the future of RADEXT Alan DeKok
- Re: [radext] the future of RADEXT Bernard Aboba
- Re: [radext] the future of RADEXT lionel.morand
- Re: [radext] the future of RADEXT mohamed.boucadair
- Re: [radext] the future of RADEXT Diego R. Lopez
- Re: [radext] the future of RADEXT Behcet Sarikaya
- Re: [radext] the future of RADEXT Oleg Pekar