Re: [radext] AD review draft-ietf-radext-tls-psk-08
Alan DeKok <aland@deployingradius.com> Thu, 29 February 2024 20:55 UTC
Return-Path: <aland@deployingradius.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 883A9C14F6A6 for <radext@ietfa.amsl.com>; Thu, 29 Feb 2024 12:55:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.909
X-Spam-Level:
X-Spam-Status: No, score=-6.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rqwcLWCmaoJm for <radext@ietfa.amsl.com>; Thu, 29 Feb 2024 12:55:16 -0800 (PST)
Received: from mail.networkradius.com (mail.networkradius.com [62.210.147.122]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B969FC14F69A for <radext@ietf.org>; Thu, 29 Feb 2024 12:55:15 -0800 (PST)
Received: from smtpclient.apple (135-23-95-173.cpe.pppoe.ca [135.23.95.173]) by mail.networkradius.com (Postfix) with ESMTPSA id 56518391; Thu, 29 Feb 2024 20:55:12 +0000 (UTC)
Authentication-Results: NetworkRADIUS; dmarc=none (p=none dis=none) header.from=deployingradius.com
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
From: Alan DeKok <aland@deployingradius.com>
In-Reply-To: <CAGL5yWaK8uHLmsnTzSCqsysTmYLrjVLnf11gaX84eF_qLLtdKw@mail.gmail.com>
Date: Thu, 29 Feb 2024 15:55:10 -0500
Cc: radext@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <C8B592B2-98D4-4466-948E-2190762A28A7@deployingradius.com>
References: <CAGL5yWaK8uHLmsnTzSCqsysTmYLrjVLnf11gaX84eF_qLLtdKw@mail.gmail.com>
To: Paul Wouters <paul.wouters=40aiven.io@dmarc.ietf.org>
X-Mailer: Apple Mail (2.3696.120.41.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/ZSPvRJat0olJUd7H2KAjLHf6wS8>
Subject: Re: [radext] AD review draft-ietf-radext-tls-psk-08
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Feb 2024 20:55:17 -0000
On Feb 29, 2024, at 3:43 PM, Paul Wouters <paul.wouters=40aiven.io@dmarc.ietf.org> wrote: > Thanks for this very clear document, and especially for re-using other RFCs security considerations where possible! Thanks. Cut & paste is often easier than thinking :) > I think it's good to go, except for some minor comments. One question I had is whether TLS-PWD was considered, > in light of knowing administrators will use weak PSKs. I guess it would complicate things a bit, as TLS-PWD is only > available for TLS 1.3. I'm happy to allow for TLS-PWD? But I don't know much about it. And on quick inspection, I can't find references to it for OpenSSL. > Comments: > > PSKs MUST be uniformly random. > > Of course, if they are "uniformly" random, they are not truly random :) Maybe remove "uniformly" ? Sure. > In order to guide Implementers [...] Perl script > > It made me smile to believe people think perl is still used and generally available :P It also uses a > Crypt:URandom() module which I would not be sure if it was cryptographically secure, or just a thin > wrapper over /dev/urandom, which on linux is less secure in certain circumstances. > > How about python? :) I'll use that. > Implementations SHOULD NOT provide user interfaces which > allow both PSKs and shared secrets to be entered at the same > time. There is too much of a temptation for administrators to > enter the same value in both fields, which would violate the > limitations given above. > > I think you should ignore the UI part and enforce things harder: > > Implementations MUST reject configuration attempts that try to > use the same value for PSK and shared secret. I'll add that text. I think it's still useful to comment on the UI part, tho. I'm thinking of an administration interface which has a "shared secret' entry box for RADIUS/UDP, and a checkbox for TLS. If the TLS checkbox is clicked, then the "shared secret" field should _go away_ and be replaced by a PSK entry box. i.e. where possible, make it difficult (or impossible) to enter both values at the same time. > Nits: > > This output may be 256, 384, or 512 bits in length. Never the less, > > Reading a bunch of numbers and then seeing "never the less" made me think of > a less than XXX amount syntax. Would using "nevertheless" be better? Yes. > There are few, if any, use-cases for > > How about: There are no known use-cases for Yes. > implements should allow -> implementers should allow > > Remove "Returning to the subject of IP address lookups," Done, and new draft submitted shortly. Alan DeKok.
- [radext] AD review draft-ietf-radext-tls-psk-08 Paul Wouters
- Re: [radext] AD review draft-ietf-radext-tls-psk-… Alan DeKok
- Re: [radext] AD review draft-ietf-radext-tls-psk-… Dan Harkins