Re: [radext] New draft: RFC6614bis (RADIUS/TLS)
Peter Deacon <peterd@iea-software.com> Fri, 28 October 2022 13:23 UTC
Return-Path: <peterd@iea-software.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 585C9C14F75F for <radext@ietfa.amsl.com>; Fri, 28 Oct 2022 06:23:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.907
X-Spam-Level:
X-Spam-Status: No, score=-6.907 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tZWLiOuit2b4 for <radext@ietfa.amsl.com>; Fri, 28 Oct 2022 06:23:16 -0700 (PDT)
Received: from aspen.iea-software.com (www.iea-software.com [70.89.142.193]) by ietfa.amsl.com (Postfix) with ESMTP id 8CEE0C14F73B for <radext@ietf.org>; Fri, 28 Oct 2022 06:23:16 -0700 (PDT)
Received: from littlesmurf.peterd.ws (unverified [10.0.3.39]) by aspen.iea-software.com (Rockliffe SMTPRA 7.0.6) with ESMTP id <B0006178179@aspen.iea-software.com>; Fri, 28 Oct 2022 06:23:15 -0700
Date: Fri, 28 Oct 2022 06:24:32 -0700
From: Peter Deacon <peterd@iea-software.com>
To: Jan-Frederik Rieckers <rieckers@dfn.de>
cc: "radext@ietf.org" <radext@ietf.org>
In-Reply-To: <5ac1c43d-9638-9d68-6e8f-d0f2c1137bd3@dfn.de>
Message-ID: <c147f3e6-169c-3a83-30be-c0646ea17e33@iea-software.com>
References: <d9a015f8-60a7-8eb1-65e0-ea19633c3784@dfn.de> <ef1855a1-2417-b3b0-ba4d-729bc507f151@iea-software.com> <5ac1c43d-9638-9d68-6e8f-d0f2c1137bd3@dfn.de>
User-Agent: Alpine 2.26 (WNT 649 2022-06-02)
MIME-Version: 1.0
Content-Type: multipart/mixed; BOUNDARY="33226760-7807-1666957187=:4236"
Content-ID: <00071f82-ca4f-9862-7f6a-d82ebd0e0f5f@iea-software.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/Qs0mmqm1AFVXll9vSyMB8qLF-DA>
Subject: Re: [radext] New draft: RFC6614bis (RADIUS/TLS)
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Oct 2022 13:23:18 -0000
On Fri, 28 Oct 2022, Jan-Frederik Rieckers wrote: >> Think it might be worth considering a slight change to "radsec" static >> secrets. There has been feedback on operational costs with deploying PKI >> that can lead to PSK/PAKE being preferred. > I don't see exactly why this would be a bad thing. A PSK/PAKE with a strong > password should be enough to secure the connection in the same way as > certificates do. >> For some likely to be little practical value in requiring overhead of >> managing client certificates for every RADIUS client. >> Typical solution for adding TLS to existing protocols is clients >> authenticate servers via PKI while clients continue supporting existing >> client authentication mechanisms over TLS. Think it would be useful for >> this to also be possible with RADIUS. > It definitely is an intriguing proposal, but it carries the problem, that > certificate validation logic needs to be implemented in the clients either > way. Hi Janfred, The value is from operators not being required to provision and manage client certificates for every client. Clients would still be required to authenticate servers and have a database of trust anchors. > And speaking from personal experience, if there is the possibility to click > "Ignore certificate errors", people will do it, because they say "We have the > security via the shared secret, we don't need this stupid SSL, it always > breaks things" (using the term SSL with full intent here) I believe cert validation should be mandatory where PKI is used. >> Static "radsec" would be maintained for mutually authenticated TLS (client >> certs, PSK/PAKE..etc) yet for TLS where only server is authenticated a >> shared secret and message authenticator would be mandatory in order for >> server to authenticate client. > I feel that with the possibility to use PSK, we have a good way to secure the > transport and either way we would have to manage the PSKs (or shared secrets > in your proposal) on the server, so adding server authentication via TLS just > adds more configuration to the server side. >From past experience with operator selection of secrets recommend keeping secrets and PSK separate. However bad RADIUS crypto is tradition of poor quality secrets still likely to be the weakest link. regards, Peter
- [radext] New draft: RFC6614bis (RADIUS/TLS) Jan-Frederik Rieckers
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Alan DeKok
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Jan-Frederik Rieckers
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Alan DeKok
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Karri Huhtanen
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Alexander Clouter
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Jan-Frederik Rieckers
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Alan DeKok
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Jan-Frederik Rieckers
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Alan DeKok
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Peter Deacon
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Bernard Aboba
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Alan DeKok
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Bernard Aboba
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Matthew Newton
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Alan DeKok
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Stefan Winter