Re: [radext] Fwd: New Version Notification for draft-dekok-radext-tls-psk-00.txt
josh.howlett@gmail.com Fri, 03 March 2023 17:17 UTC
Return-Path: <josh.howlett@gmail.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 29AD7C14CEE4 for <radext@ietfa.amsl.com>; Fri, 3 Mar 2023 09:17:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.095
X-Spam-Level:
X-Spam-Status: No, score=-7.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4Io5TZxuyyXD for <radext@ietfa.amsl.com>; Fri, 3 Mar 2023 09:17:20 -0800 (PST)
Received: from mail-wr1-x431.google.com (mail-wr1-x431.google.com [IPv6:2a00:1450:4864:20::431]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 23FDBC14E513 for <radext@ietf.org>; Fri, 3 Mar 2023 09:17:20 -0800 (PST)
Received: by mail-wr1-x431.google.com with SMTP id l1so2954655wry.12 for <radext@ietf.org>; Fri, 03 Mar 2023 09:17:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; t=1677863838; h=thread-index:content-language:mime-version:message-id:date:subject :in-reply-to:references:to:from:from:to:cc:subject:date:message-id :reply-to; bh=AYHhckoD6CZb0I2aFYjRygtJVCEqGf4zqs8wz5qjNZ4=; b=A7DsWCb02qX+M939Ir0DNK1Ii9JCk0WYSQJI6U3WhvxRw5/nDwysT5Tc8CNs+9G02O X/CYgIx9KRkAOEpkBSAE2cZE/knQWv/0r5iiro2gl+gBHS2cNQUCeIyZtZG3alL906Un ApodXbCOoGryUPyfnF54dO5/ntGoFhWNpHjNr/dbdL0lPZjQ1ns9vEE9uXvkhhDm+2VR 4WrbQCo9PmaJZy1S527Ks36UzbRLL2h7XEGiCc5h7e5IGCbfYUemSIcksCPAX4QUwVkz y5dGiz/2J75GZmOVKi6iUIDyNRCh7bcXDd+qsOloz+G3gFSs6UgOtGpb0ebVwz2ecTGs 8opA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1677863838; h=thread-index:content-language:mime-version:message-id:date:subject :in-reply-to:references:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=AYHhckoD6CZb0I2aFYjRygtJVCEqGf4zqs8wz5qjNZ4=; b=b3/DJhTlvOQCsSdQQH4JxLcs/MiNcUQpYYFBPJtiOg49kHnoWZaxiuzL3U/gSZdwaL 4DcJpYxqT5zkRT5kK35EyHEFjaJflL4RsNaIonk7yAkSelaR7QrJqQaOCPkHMPBkxVqv /KHEUJR8goeq8JrLHByoiMz2wRtTZKfIcFmGzksUIZQSQlNovu7kCTO7bl0A5zOvLB4i pTag8DfrrKo/k4WR87evH++6DBtW1qC8nD6v3TQPSxmLElciafuPSw8EoskfkjxDTTtl kPJzkxPG5wairbThnZC6BTBempkKfCG6aO1m/7os/Xi9Tr0ALkFxckhtjl37fI0jTgVd yXSw==
X-Gm-Message-State: AO0yUKUTPPx9BmXkI9tz3P9f4X83Yc7TZRKEpiTthqPuo9dBHEY5WtFw qvZfELMs1Ctss1HRwIt7+rU=
X-Google-Smtp-Source: AK7set/Fh6JPQBtA3gmgE4IstckdF1PjhNiDhX+wG2vmVhKDRwDpLHda57kbiesmptZXMH4kV54waQ==
X-Received: by 2002:a05:6000:110f:b0:2cb:5f2a:274e with SMTP id z15-20020a056000110f00b002cb5f2a274emr1566248wrw.41.1677863837668; Fri, 03 Mar 2023 09:17:17 -0800 (PST)
Received: from TABLET7VKS5QAO (host81-142-222-159.in-addr.btopenworld.com. [81.142.222.159]) by smtp.gmail.com with ESMTPSA id o42-20020a05600c33aa00b003e215a796fasm2802521wmp.34.2023.03.03.09.17.16 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 03 Mar 2023 09:17:17 -0800 (PST)
From: josh.howlett@gmail.com
To: 'Alan DeKok' <aland@deployingradius.com>, radext@ietf.org
References: <167785628035.47190.15791139665197204009@ietfa.amsl.com> <1D6E0485-D1BF-4DAE-97A9-F4CCC4DB5F31@deployingradius.com>
In-Reply-To: <1D6E0485-D1BF-4DAE-97A9-F4CCC4DB5F31@deployingradius.com>
Date: Fri, 03 Mar 2023 17:17:17 -0000
Message-ID: <02c401d94df4$01b9e7e0$052db7a0$@gmail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_02C5_01D94DF4.01BFDB50"
X-Mailer: Microsoft Outlook 16.0
Content-Language: en-gb
Thread-Index: AQFKSAQug3liXs9eQ6l/p4958yqVCQD6mSXDr/9ve4A=
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/P-YDLtVuKnYSTwggVOT-SPi3Wmk>
Subject: Re: [radext] Fwd: New Version Notification for draft-dekok-radext-tls-psk-00.txt
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Mar 2023 17:17:21 -0000
Hi Alan, I am sorry for the late review; a few comments: 1. "However, we recognize that it may be difficult to fully upgrade client implementations to allow for certificates to be used with RADIUS/TLS and RADIUS/DTLS" I think the motivation for TLS-PSK is broader than client implementations (e.g., certs are costly to manage). I suggest replacing this with "However, we recognize that certificates may not always be the most appropriate choice for RADIUS/TLS and RADIUS/DTLS". 2. "The client implementation can then expose a flag "TLS yes / no", and then a shared secret (now PSK) entry field." I think the presentation of the configuration is an implementation choice. There are other ways that a PSK could be provisioned into a client. I suggest either removing this text, or softening it so that it is understood as a possible approach. 3. "Any shared secret used for RADIUS/UDP or RADIUS/TLS [RFC6613] MUST NOT be used for TLS-PSK". I assume this is meant as simultaneous use? It would be convenient for operators to switch from RFC2865 to TLS-PSK transport, with the PSK taking the same value as the shared secret (subject to the other requirements). 4. "That is, short PSKs MUST NOT be permitted to be used". I think the language here could be improved: "Shorter PSKs of 15 bytes or less MUST NOT be used". 5. "We also incorporate by reference the requirements of Section 10.2 of [RFC7360] when using PSKs" Is this meant normatively? If so, the language could be more explicit and the reference to RFC7360 moved from "Informative" to "Normative". 6. label the PSK field as "PSK" or "TLS-PKS There is a missing quotation mark at the end of the sentence. 7. "Where dynamic server lookups [RFC7585] are not used, RADIUS clients MUST still permit the configuration of a RADIUS server IP address." RFC7585 discusses certificates, which is outside of the scope of this document, and so this sentence could be simplified: "RADIUS clients MUST still permit the configuration of a RADIUS server IP address". 8. "RADIUS servers MUST be able to look up PSK identity in a subsystem which then returns the actual PSK." Implementation detail - suggest removing. 9. "RADIUS servers MUST support IP address and network filtering of the source IP address for all TLS connections. There is rarely a reason for a RADIUS server to allow connections from the entire Internet, and there are many reasons to limit permitted connections to a small list of networks." I think this text needs qualifying to make it explicit that it refers to connections using TLS-PSK. The point of RFC7585 is to permit connections from the entire Internet. As a general point, is the text around filtering needed? Operators are familiar with the need to restrict inbound connections to applications using network policy enforced by host or perimeter firewalls. This text is pushing the management of network policy into the server, and so implies that the IP address actually is an identifier in terms of connection policy. I think it would be helpful to have greater clarity here around the roles of PSK identifiers and IP addresses as factors of connection policy. 10. "RADIUS servers SHOULD tie PSK identities to a particular permitted IP address or permitted network, as doing so will lower the risk if a PSK is leaked" See my para above. 11. "A RADIUS server which accepts TLS-PSK MUST support a unique PSK identifier per RADIUS client. There is no reason to use the same identifier for multiple clients" There is a reason to use the same identifier for multiple clients: deployers would find it very convenient. It is common practice to use the same RADIUS shared secret(s) for clients within larger deployments. Indeed, RFC2865 states that "[.] it is expected that the same secret MAY be used to authenticate with servers [.]". This requirement forces deployers to manage unique identifiers and PSKs per client. Why? In general, this doc looks good; but I think the language around the roles and use of IP addresses and PSK identifiers for connection policy needs clarifying (happy to propose some text); and we should relax the per-client identifier/PSK requirement to bring this inline with existing, accepted practices. Josh From: radext <radext-bounces@ietf.org> On Behalf Of Alan DeKok Sent: Friday, March 3, 2023 3:21 PM To: radext@ietf.org Subject: [radext] Fwd: New Version Notification for draft-dekok-radext-tls-psk-00.txt A basic TLS-PSK document giving initial guidance on using TLS-PSK. Begin forwarded message: From: internet-drafts@ietf.org <mailto:internet-drafts@ietf.org> Subject: New Version Notification for draft-dekok-radext-tls-psk-00.txt Date: March 3, 2023 at 10:11:20 AM EST To: "Alan DeKok" <aland@freeradius.org <mailto:aland@freeradius.org> > A new version of I-D, draft-dekok-radext-tls-psk-00.txt has been successfully submitted by Alan DeKok and posted to the IETF repository. Name: draft-dekok-radext-tls-psk Revision: 00 Title: RADIUS and TLS-PSK Document date: 2023-03-03 Group: Individual Submission Pages: 7 URL: https://www.ietf.org/archive/id/draft-dekok-radext-tls-psk-00.txt Status: https://datatracker.ietf.org/doc/draft-dekok-radext-tls-psk/ Html: https://www.ietf.org/archive/id/draft-dekok-radext-tls-psk-00.html Htmlized: https://datatracker.ietf.org/doc/html/draft-dekok-radext-tls-psk Abstract: This document gives implementation and operational considerations for using TLS-PSK with RADIUS/TLS (RFC6614) and RADIUS/DTLS (RFC7360). The IETF Secretariat
- [radext] Fwd: New Version Notification for draft-… Alan DeKok
- Re: [radext] Fwd: New Version Notification for dr… josh.howlett
- Re: [radext] New Version Notification for draft-d… Alan DeKok
- Re: [radext] New Version Notification for draft-d… josh.howlett
- Re: [radext] New Version Notification for draft-d… Alan DeKok
- Re: [radext] Fwd: New Version Notification for dr… Bernard Aboba
- Re: [radext] New Version Notification for draft-d… Alan DeKok
- Re: [radext] New Version Notification for draft-d… josh.howlett
- Re: [radext] New Version Notification for draft-d… Alan DeKok
- Re: [radext] Fwd: New Version Notification for dr… Alexander Clouter
- Re: [radext] New Version Notification for draft-d… Alan DeKok
- Re: [radext] New Version Notification for draft-d… Alexander Clouter