Re: [radext] New draft: RFC6614bis (RADIUS/TLS)
Alan DeKok <aland@deployingradius.com> Fri, 28 October 2022 16:25 UTC
Return-Path: <aland@deployingradius.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DDE53C14F749 for <radext@ietfa.amsl.com>; Fri, 28 Oct 2022 09:25:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.907
X-Spam-Level:
X-Spam-Status: No, score=-1.907 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s09Q02GBCSkR for <radext@ietfa.amsl.com>; Fri, 28 Oct 2022 09:25:53 -0700 (PDT)
Received: from mail.networkradius.com (mail.networkradius.com [62.210.147.122]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0B337C14F726 for <radext@ietf.org>; Fri, 28 Oct 2022 09:25:52 -0700 (PDT)
Received: from smtpclient.apple (135-23-95-173.cpe.pppoe.ca [135.23.95.173]) by mail.networkradius.com (Postfix) with ESMTPSA id BCB4C659; Fri, 28 Oct 2022 16:25:49 +0000 (UTC)
Authentication-Results: NetworkRADIUS; dmarc=none (p=none dis=none) header.from=deployingradius.com
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
From: Alan DeKok <aland@deployingradius.com>
In-Reply-To: <CAOW+2dsac4CrafjUZLiu1UhFSArY5gV7t_uVyMwhGn19zJihKA@mail.gmail.com>
Date: Fri, 28 Oct 2022 12:25:48 -0400
Cc: Jan-Frederik Rieckers <rieckers@dfn.de>, Peter Deacon <peterd@iea-software.com>, radext@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <973BEA8E-45AE-403F-8CD9-F06D7289E4FB@deployingradius.com>
References: <d9a015f8-60a7-8eb1-65e0-ea19633c3784@dfn.de> <ef1855a1-2417-b3b0-ba4d-729bc507f151@iea-software.com> <5ac1c43d-9638-9d68-6e8f-d0f2c1137bd3@dfn.de> <B3C2A71B-0796-4B74-8016-99A8341C18F8@deployingradius.com> <CAOW+2dsac4CrafjUZLiu1UhFSArY5gV7t_uVyMwhGn19zJihKA@mail.gmail.com>
To: Bernard Aboba <bernard.aboba@gmail.com>
X-Mailer: Apple Mail (2.3696.120.41.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/WqO-u5pCZxpIVocm8O7svNd6qhM>
Subject: Re: [radext] New draft: RFC6614bis (RADIUS/TLS)
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Oct 2022 16:25:56 -0000
On Oct 28, 2022, at 12:21 PM, Bernard Aboba <bernard.aboba@gmail.com> wrote: > > Alan said: > > "Due to TLS version issues, a TLS-PSK MUST NOT be used across different versions of TLS." > > [BA] What are the implications of this? Does an operator need to configure distinct TLS-PSKs for TLS 1.2 and TLS 1.3?? Arguably yes. https://www.rfc-editor.org/rfc/rfc8446#appendix-E.7 ... The constructions in TLS 1.2 and TLS 1.3 are different, although they are both based on HMAC. While there is no known way in which the same PSK might produce related output in both versions, only limited analysis has been done. Implementations can ensure safety from cross-protocol related output by not reusing PSKs between TLS 1.3 and TLS 1.2. My $0.02 is that TLS 1.3 is widely available, and RADIUS/TLS does not widely use TLS-PSK that I'm aware of. We should probably just mandate TLS 1.3 when TLS-PSK is being used with RADIUS/TLS. Alan DeKok.
- [radext] New draft: RFC6614bis (RADIUS/TLS) Jan-Frederik Rieckers
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Alan DeKok
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Jan-Frederik Rieckers
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Alan DeKok
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Karri Huhtanen
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Alexander Clouter
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Jan-Frederik Rieckers
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Alan DeKok
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Jan-Frederik Rieckers
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Alan DeKok
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Peter Deacon
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Bernard Aboba
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Alan DeKok
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Bernard Aboba
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Matthew Newton
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Alan DeKok
- Re: [radext] New draft: RFC6614bis (RADIUS/TLS) Stefan Winter