IETF Logo Mail Archive

Re: [radext] New draft: RFC6614bis (RADIUS/TLS)

Stefan Winter <stefan.winter@restena.lu> Fri, 04 November 2022 12:51 UTC

Return-Path: <stefan.winter@restena.lu>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E19E2C14CE25 for <radext@ietfa.amsl.com>; Fri, 4 Nov 2022 05:51:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.91
X-Spam-Level:
X-Spam-Status: No, score=-6.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id N8CS_M4AqThQ for <radext@ietfa.amsl.com>; Fri, 4 Nov 2022 05:51:04 -0700 (PDT)
Received: from smtprelay.restena.lu (smtprelay.restena.lu [IPv6:2001:a18:1::62]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6F66BC14CE22 for <radext@ietf.org>; Fri, 4 Nov 2022 05:51:03 -0700 (PDT)
Received: from smtprelay.restena.lu (localhost [127.0.0.1]) by smtprelay.restena.lu (Postfix) with ESMTP id 394DF30288B; Fri, 4 Nov 2022 12:51:00 +0000 (UTC)
Received: from [IPV6:2001:a18:1:10:6702:5ad0:1692:bb6] (unknown [IPv6:2001:a18:1:10:6702:5ad0:1692:bb6]) by smtprelay.restena.lu (Postfix) with ESMTPSA id 2B425302885; Fri, 4 Nov 2022 12:51:00 +0000 (UTC)
Message-ID: <2d32e876-a5c1-86b9-2875-8ee711e4c6a0@restena.lu>
Date: Fri, 04 Nov 2022 13:51:00 +0100
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.4.0
Content-Language: en-US
To: Jan-Frederik Rieckers <rieckers@dfn.de>, radext@ietf.org
References: <d9a015f8-60a7-8eb1-65e0-ea19633c3784@dfn.de> <817A08A2-A6E0-43AD-92C4-144D2D4C4D63@deployingradius.com> <7672c376-e9f2-718f-5586-1c36c8e5d72f@dfn.de>
From: Stefan Winter <stefan.winter@restena.lu>
In-Reply-To: <7672c376-e9f2-718f-5586-1c36c8e5d72f@dfn.de>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
X-AV-Checked: ClamAV using ClamSMTP
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/X7wPhPEsuauvqAkUeXP1gS25ZZs>
Subject: Re: [radext] New draft: RFC6614bis (RADIUS/TLS)
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Nov 2022 12:51:09 -0000

Hello,


>
>>
>>    It would be good to add text describing operational experience 
>> with RADIUS/TLS.  The purpose of the experiment was to see what 
>> worked.  So... what were the results?
>
> Definitely. I'm only aware of the RADIUS/TLS deployment in eduroam, if 
> there are other persons willing to share more operational experience, 
> please feel free to speak up :) 


The roaming consortium "OpenRoaming" by Wireless Broadband Alliance is 
using RADIUS/TLS (+NAPTR DNS record based dynamic discovery) as their 
sole transport and roaming fabric.


Greetings,


Stefan Winter


-- 
This email may contain information for limited distribution only, please treat accordingly.

Fondation Restena, Stefan WINTER
Chief Technology Officer
2, avenue de l'Université
L-4365 Esch-sur-Alzette

v2.23.0 | Report a Bug | By Email