Re: [radext] New draft: RFC6614bis (RADIUS/TLS)

Karri Huhtanen <karri.huhtanen+ietf@gmail.com> Mon, 24 October 2022 15:37 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/T_3Hujs9286zDQ2_ZN6Rm5zBqZ4>

On 24.10.2022 17.27, Jan-Frederik Rieckers wrote:

>>    It would be good to add text describing operational experience with 
>> RADIUS/TLS.  The purpose of the experiment was to see what worked.  
>> So... what were the results?
> 
> Definitely. I'm only aware of the RADIUS/TLS deployment in eduroam, if 
> there are other persons willing to share more operational experience, 
> please feel free to speak up :)

RADIUS over TLS (RFC 6614) is used as the default transport protocol in 
the OpenRoaming standard and authentication federation. The DNS 
discovery is another key component of the Wireless Broadband Alliance 
OpenRoaming standard.

// kh