Re: [radext] Confirmation of Adoption of Deprecating Insecure Uses of RADIUS as a WG work item

Stefan Paetow <Stefan.Paetow@jisc.ac.uk> Mon, 21 August 2023 23:39 UTC

Return-Path: <Stefan.Paetow@jisc.ac.uk>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 51A72C16B5BF for <radext@ietfa.amsl.com>; Mon, 21 Aug 2023 16:39:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=jisc.ac.uk
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yGVXRF_z7Fvq for <radext@ietfa.amsl.com>; Mon, 21 Aug 2023 16:39:37 -0700 (PDT)
Received: from EUR02-AM0-obe.outbound.protection.outlook.com (mail-am0eur02on2042.outbound.protection.outlook.com [40.107.247.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ACF5FC14CEFA for <radext@ietf.org>; Mon, 21 Aug 2023 16:39:34 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=SXD1C6mO0kuhxwg+O4blK0+khInk/MiJwc9W2llX+w2Mpj5SaSdNi1/dCPgmkadpfbFxH4fbsQyrE8uFjCVOzAU/pxg2GR9QHfG9r/pPPkfWlUDbBa0oKAqR8h3qW2kv0wqdTOtD7bgHjdD4FVnRAMg2tdD8GFlxoIxkKT6nqx7fIa1bxC/+N/EfnPNHw5WDkhBUdi50YiPoWi/14aY7VWH5oimoPmX7QDK9/WuzeOSEOqsbf8MUw88QhQ0WYHpbyhw+D74PWjerDh+sUE0RDKUpb+prH9A0wCaE4f2yTy6+AbLCUF/Bp2gY7s3XmNPnSMtGwHxwQSTPn067G1LIsw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=WhcDXwg9fy+xiUQ+HF3PkCXRctFjxscJhHopxmuCJHU=; b=mt0i+ncBz5LNdQtGaucHgSNfPs9PNxAQgn/sAUtILgF13Tsy3eiqpB3mo9imdtJzSodyQhyKt9p7lAdoaSsMm2PU7qQLv8ZF+7MAp/yOR7jqgxEk1TTHu0gLa/LNJ8GbAjFZ9gpN6pdaED2YB19lSfjVOUmP43TqJ4HN/j2s2Up3RdCo5yblWCIUwbpyjFznkKizRdK/Q2XJT1pJY1z3/AEqz3fYu0PT1iH2drLHzbvTED6ME/tbDprZ8Xw6OCrEizVXfLtKRUK+e5uuPzr+TLTQ8desGHd+94iBkUMm3kr7TozMsSPEcbFr9/YbDA7s5upIAsGeO5KCOQpSdOPWsg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=jisc.ac.uk; dmarc=pass action=none header.from=jisc.ac.uk; dkim=pass header.d=jisc.ac.uk; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jisc.ac.uk; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WhcDXwg9fy+xiUQ+HF3PkCXRctFjxscJhHopxmuCJHU=; b=nrTOL7mUqnVkiZ5rx2ObqN29cw4befcsS1CAJr3YP/TJpbT1QlJC8cFMYBgKts8b8haVJmJQ/POKlUFxkMrfCUwW1X5kFTdrvgFkffVOM1haOGPTXZ1idmA46Qfl/cJIVykeeX/49Nicn7jmFneAZSOgCpstVvuSSpDl9pfLwpM=
Received: from AM0PR07MB4209.eurprd07.prod.outlook.com (2603:10a6:208:b5::19) by AM8PR07MB7411.eurprd07.prod.outlook.com (2603:10a6:20b:248::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6699.24; Mon, 21 Aug 2023 23:39:31 +0000
Received: from AM0PR07MB4209.eurprd07.prod.outlook.com ([fe80::e351:6d88:92f3:d4fd]) by AM0PR07MB4209.eurprd07.prod.outlook.com ([fe80::e351:6d88:92f3:d4fd%4]) with mapi id 15.20.6678.031; Mon, 21 Aug 2023 23:39:31 +0000
From: Stefan Paetow <Stefan.Paetow@jisc.ac.uk>
To: "radext@ietf.org" <radext@ietf.org>
Thread-Topic: [radext] Confirmation of Adoption of Deprecating Insecure Uses of RADIUS as a WG work item
Thread-Index: AQHZxiQiXGZAbCS0g02pesf46TOJa6/1lfEA
Date: Mon, 21 Aug 2023 23:39:31 +0000
Message-ID: <7224C6EF-743F-49DC-B916-1091B0728AEC@jisc.ac.uk>
References: <02B774FC-E179-4689-99DB-D8462ECD6EB9@gmail.com>
In-Reply-To: <02B774FC-E179-4689-99DB-D8462ECD6EB9@gmail.com>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.76.23081101
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=jisc.ac.uk;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: AM0PR07MB4209:EE_|AM8PR07MB7411:EE_
x-ms-office365-filtering-correlation-id: f47dc77d-8fb9-4636-3c7b-08dba29fddfa
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: NINYB0dKtzeHrvB/4kPqfZOcSHI7sMmF5adv7Rg3g59ymM8zdWmvN4TeU/jHCdlFWW64frufzxiLJPky5OlksU7/bzqqtcmg8hE2F2zpNN/Y6ZXpya3ikka30ihVpqn708M1zlbheJ9DCTtaUtPLKZW40uLEiLSFA48k7HGKP2Re9oWX9bufoIqwMrTYk6Axu/y85JTs1P+go2wp2+lJcNAtdR/QlG2E+xcDXmcCvWKh/PMb6GyBNF0dLCS+qwaSNSlo4gSaPSXaA0ljPeYByyYn+OU3eUup9KR5lfaTJXjyTVpRv7HpgXng5034tMUDIFFSbOM1ydyZUbsTs6j9gNxPkK8cI64sOlBmAp38G6mF9wVsh/bgkWPsYOKwtaq6mPJddey2OJqREI/FTiHlUzCD5f5MUeAYJbeqXpS1RIjDeW4zeS0y0NB4qgRX000jv9NQmJOxUIgiDUAXBVqlYw9PsqzKRW2gtmNUOtAh8tNvqiHKv398GnEZwQc5GYlYecvnvzPiOKUnsfR7xHx/XeKV98ru+A9MWJwcnm4YLsehjelOExFTLrhW0FT1wJz8SClhp+mNB2HZV1MyA1Vp4FZWAlnU6v/gLsi67sB3tGe4ch+eWNf7C8gSBXVp9LBfW6ii91+xRin7y1ArIH3NvbXDQ6FJRybUM35xQQzGuwWK+RMU/UYmSQd4sW1rPNvtAgKuesFduElhjHkN/+x+YQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR07MB4209.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(136003)(39860400002)(346002)(396003)(376002)(366004)(1800799009)(186009)(451199024)(2906002)(66899024)(38100700002)(38070700005)(83380400001)(122000001)(53546011)(6486002)(66946007)(6506007)(66556008)(76116006)(316002)(6916009)(66446008)(66476007)(64756008)(786003)(91956017)(71200400001)(33656002)(41300700001)(6512007)(36756003)(478600001)(966005)(12101799020)(86362001)(26005)(166002)(5660300002)(2616005)(8676002)(8936002)(45980500001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 3hZcsHM6X6ihZkaMhrOqqNvnKDR7cTHsCrrQacjcO8KOKXIXQv0eDrQaQk597X/bCs2DzBzWR9J0pySaSv7j5+6uRHqftv2zU4b0xM7mzh0M9luKOSAIGzOylYvQbSFfCKxBBwGNJg92UVuQhFUx+rk5cTpI1+6xoznnw+Zn5XVJ3zIW1jCkaK6KLhj44VIOKQcnVdQMJbbWof6wN+w9XM6FjS4cLG8Komfs8+FKsTVu//nusJlUL8fhIzRPDIojIhMsA7fn6BXfO+fa0IJ/NVaR4gB8kpT9exVBM3VZ4XFsMhDi6ERk9Se/iO+PImEfskM9dFWOr1Hc2fAOwqFHRZxpvg4ODG7PUxGjmAW4+lohLeKl3dvGrMtXw43XzYlvgWXN5TILZzhVilyR55Zc5TXexZ+7Lbcq9wDA6pbvRd/DLDAgKoJotO/Be7XUB3baDyIAMrBg7RKOPikJP6Nv+/KeRugibVcTfvxQ6cAKz+8QE1WijkkAWXsTzUs38WYXvkszL8MJttZUWTvlm1dN8OZ+RHNFdHxTbLb9a71utGZF5Vmtb5ZRpyVZNMYBmVbIpuiuDz234BbUl+hvdeVut2fUxrB936v4juGPaezTIobUHJyJ5Q05nRSxBsJfHxUsDZtPEUhl1bW1Nh8xkutoQePB9jEvJkD7IZbex87a+oZIUMMT5RIhOnF2nVeY8DZjjF9mbyrz0kqsokG4ZGMM1MzxqDyNfIaO4+U+K4KwxnClLADZ3cjAUzslnMNtp0L3GG3G6Hg6D4MODuaVZaBdcTmzvtg4Lm5DE8riU8pBklVHlBkbEGZWaXasFF+uspbRjgwUyUPwt2GFHBKS9NbKgB+rYB2qHh7Y3JHAaB60wCrZSvhRJc3MhZz1cBeDXrqY+JsJE2SHXH0m+MQiDmXoHEVgoxjGI+YdiVgdwbpCaN9Tu7+lG1JQ/IkJxzbdBRSvUtotppO+9/YA5xeUs3/ZLwuyc17XIN/oClAQ+2hsYBMqEKf+iPnTjDnR24qlO2Czobl7uG36MlWulC0Wg7o2q3ZUeF/lwEesWfo4rI54cbp7Vr3TB5K3lfOpIIwqfGVY2NkY7P0Qn8akfp4xQwtyK2TwbgVUCl9Te9rV6sadK+n/FVHqohqR7OMM9Z83NQZWO4RCRqWsTH6CRFu6HdCJDbsZHYRJ51trWEXLkImnW/fUlnVjGkke+CvQkXu7jtegayeDcqAMhS6XnIDZUR69WJBVMizYi1JaxxDEZUdKVBbfc2lCxFpbwM+EFf2nGs2Qb0MNC4h1W5N1AOPYJe1I+jAEzbf/O+Y6MIzkpVGZvID3rNMZfk5wYezMikimwPyd4ZGMUDyelcJRCJ0kW3AtCtdH/2PjUlpDv78eUKBbT1sB7cM5o6SldVidjTcegZJ1S1SIzWw9dxQvLi1pPqyIWtIgCAQJyGU/N/X1XL8jVthwQO0NCFP2hbnAWG67W2ZsfjBMbgHax93y3edePUYcWFeR45OQXDkE+rqb6xJE49rY8N2P1YlasmaUSOpetIaVnY442yyvDn5AVt0SNyeQCDs6eeYgkfCKqYMIgA9BjK09B6xeBofjGo5u9FsTgjVf6qPO2PaGRaFufJtiTrj+0g==
Content-Type: multipart/alternative; boundary="_000_7224C6EF743F49DCB9161091B0728AECjiscacuk_"
MIME-Version: 1.0
X-OriginatorOrg: jisc.ac.uk
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM0PR07MB4209.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: f47dc77d-8fb9-4636-3c7b-08dba29fddfa
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Aug 2023 23:39:31.0510 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 48f9394d-8a14-4d27-82a6-f35f12361205
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Bty0pfUMtQYh+pLkiaQSz7xDPrEw5+ungqTwO2rus21dLMtO/E4Y2GaeRmYm6o6t7G0xPH/z4dqr0vIZmRAKuch3qtVdVgf3dDTsNYpu1HQ=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM8PR07MB7411
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/WAFLITlMPxWf50CIPK9_CF_n3p4>
Subject: Re: [radext] Confirmation of Adoption of Deprecating Insecure Uses of RADIUS as a WG work item
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Aug 2023 23:39:42 -0000

I have read the draft and I DO SUPPORT the adoption of this draft as a WG item.

Stefan Paetow
Federated Roaming Technical Specialist
eduroam(UK), Jisc

email/teams: stefan.paetow@jisc.ac.uk
gpg: 0x3FCE5142

For eduroam support, please contact the eduroam team via help@jisc.ac.uk and mark it for eduroam’s attention.
On Wednesdays and Fridays, I am not available between 12:00 and 15:00.

jisc.ac.uk

Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: 4 Portwall Lane, Bristol, BS1 6NB Tel: 020 3697 5800.


From: radext <radext-bounces@ietf.org> on behalf of Margaret Cullen <margaretw42@gmail.com>
Date: Thursday, 3 August 2023 at 17:04
To: "radext@ietf.org" <radext@ietf.org>
Subject: [radext] Confirmation of Adoption of Deprecating Insecure Uses of RADIUS as a WG work item

You don't often get email from margaretw42@gmail.com. Learn why this is important<https://aka.ms/LearnAboutSenderIdentification>
During the Interim WG Meeting in March, there was consensus of those present to adopt the “Deprecating Insecure Uses of RADIUS” draft (https://datatracker.ietf.org/doc/draft-dekok-radext-deprecating-radius/) as a WG work item.  It has since been pointed out that the consensus from that meeting was not properly confirmed on the mailing list.  Therefore…

We are officially asking the group to confirm the decision made at the March Interim Meeting to adopt https://datatracker.ietf.org/doc/draft-dekok-radext-deprecating-radius/ as a Working Group work item, to fulfill the following charter item:

  *   Deprecating the use of insecure transports outside of secure networks. This work updates RFC 6421.

Please read the draft and send a reply clearly indicating whether you DO SUPPORT or DO NOT SUPPORT adoption of this draft as a WG work item.  Please start a separate thread for any feedback or questions about the document.

Thank you,
Margaret

(For the radext co-chairs: Margaret Cullen and Valery Smyslov)