Re: [radext] Liaison to government agencies

Bernard Aboba <bernard.aboba@gmail.com> Wed, 23 November 2022 17:12 UTC

From: Bernard Aboba <bernard.aboba@gmail.com>
Date: Wed, 23 Nov 2022 09:11:53 -0800
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: Peter Deacon <peterd@iea-software.com>, radext@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/YT2a57rn93eZV5wDd6GuOxo2Kxg>
Subject: Re: [radext] Liaison to government agencies
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>

On Wed, Nov 23, 2022 at 08:50 Stephen Farrell <stephen.farrell@cs.tcd.ie>
wrote:

>
> Hi Bernard,
>
> On 23/11/2022 16:34, Bernard Aboba wrote:
> > In the IETF, we have had problems with individuals making statements on
> > behalf of government agencies who have no connection to those agencies and
> > no authorization to speak on their behalf.
> >
> > To avoid this confusion, it has been necessary to formalize the process for
> > clarifying regulatory requirements. Typically this is done via a formal
> > liaison to/from the agency or inviting an authorized representative to
> > speak to the WG.
> >
> > In this case, it would make more sense for the RADEXTRA Charter to require
> > a liaison with government agencies rather than bake in an interpretation of
> > requirements and a predetermined solution.
>
> Sorry, I'm confused by the above and am not sure if/how it
> relates to the BoF discussion. Can you clarify?


[BA] The RADEXTRA Charter includes a work item whose purpose is to satisfy
FIPS-140 requirements.  The work item not only assumes an interpretation of
those requirements that has not been verified by NIST, but it also presumes
a solution based on those unverified requirements.

> I'm also not sure of two other things: a) I don't think the
> IETF has a role where someone is a liaison to "government
> agencies" - aren't all our liaisons with very specific other
> bodies?


[BA] Employees of NIST have a long history of engagement on network access
security.  The design of 802.11 security (including the RADIUS aspects) was
kicked off by a meeting at NIST. If FIPS compliance is a goal for this WG
(as some seem to think) then we should get info “from the horse's mouth”.