Re: [radext] WGLC for Publication of TLS-PSK draft as an Informational RFC

Jan-Frederik Rieckers <rieckers@dfn.de> Wed, 09 August 2023 14:06 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/SnW9leRCCzToRYa5d-bN6kPXz20>

Hi to all,

I have read the updated -01 version of the document and generally 
support submitting this document.

However, I have found some nits that I would like to see fixed before 
publication:


* Section 5 Introduction
The first sentences are a repetition of the wording in section 3.
It's not clear to me why this should be repeated for RADIUS clients, 
since it is also true for RADIUS servers.

I would suggest finding a different introduction to this section that 
does not repeat the (more or less) exact words of section 3.


* Cipher suites

In Section 5 for RADIUS clients it says "Implementations MUST use ECDH 
cipher suites."
I don't understand why this requirement is included only here and not in 
the server section as well.


* TBDs

There are still 2 TBDs included: one in Section 2 (Terminology), one in 
Section 10 (Acknowledgements).
Either these should be removed or text should be added.

* Note to RFC Editor

Section 11 (Changelog) should probably include a note to the RFC-Editor 
that this section may be removed.


Typos/Punctuation (Both section 6.1):

-A RADIUS/UDP server, is typically configured
+A RADIUS/UDP server is typically configured


-When the yserver
+When the server

Cheers,
Janfred


On 03.08.23 18:13, Margaret Cullen wrote:
> This is an official, two-week Working Group Last Call for sending the TLS-PSK draft (https://datatracker.ietf.org/doc/draft-ietf-radext-tls-psk/) to the IESG for publication as an Informational RFC.  This call will run for two weeks, ending at 1800 UTC on Thursday August 17th.
> 
> Please read the draft.  Then, reply to this message indicating that you DO SUPPORT or DO NOT SUPPORT sending this document to the IESG for publication.  If you DO NOT SUPPORT publication of the draft as-is, please list any blocking issues that should, in your opinion, prevent publication of this document.  If possible, suggest text that would resolve your issue.
> 
> Thank you,
> Margaret
> 
> (For the radext co-chairs:  Margaret Cullen and Valery Smyslov)
> 
> 

-- 
Herr Jan-Frederik Rieckers
Security, Trust & Identity Services

E-Mail: rieckers@dfn.de | Fon: +49 30884299-339 | Fax: +49 30884299-370
Pronomen: er/sein | Pronouns: he/him