IETF Logo Mail Archive

Re: [radext] Proposed new charter text

Stefan Winter <stefan.winter@restena.lu> Tue, 24 March 2015 07:20 UTC

Return-Path: <stefan.winter@restena.lu>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BA7611B2CB8 for <radext@ietfa.amsl.com>; Tue, 24 Mar 2015 00:20:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_RP_MATCHES_RCVD=-0.01, WEIRD_PORT=0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H3TDmfCJAB7w for <radext@ietfa.amsl.com>; Tue, 24 Mar 2015 00:20:49 -0700 (PDT)
Received: from smtprelay.restena.lu (smtprelay.restena.lu [158.64.1.62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 74DE21B2CB7 for <radext@ietf.org>; Tue, 24 Mar 2015 00:20:49 -0700 (PDT)
Received: from aragorn.restena.lu (aragorn.restena.lu [IPv6:2001:a18:1:8::155]) by smtprelay.restena.lu (Postfix) with ESMTPS id A921E40BFE for <radext@ietf.org>; Tue, 24 Mar 2015 08:20:47 +0100 (CET)
Message-ID: <5511104F.2030006@restena.lu>
Date: Tue, 24 Mar 2015 08:20:47 +0100
From: Stefan Winter <stefan.winter@restena.lu>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0
MIME-Version: 1.0
To: radext@ietf.org
References: <5502B836.5000100@restena.lu> <alpine.WNT.2.20.1.1503221133420.3600@SMURF> <9C712CB9-7834-4049-9318-54E769F7661D@deployingradius.com> <alpine.WNT.2.20.1.1503221518060.3600@SMURF> <2DB68EA1-97A6-4263-9E7F-9BD24B567C7A@deployingradius.com> <alpine.WNT.2.20.1.1503221852040.3600@SMURF> <5FA970CC-2E05-4EFC-8AE6-840D334B28E4@deployingradius.com> <alpine.WNT.2.20.1.1503230923000.3600@SMURF> <1A6EF1EA-3412-4AAA-9646-3FD18EC0C4E4@deployingradius.com> <tsl4mpbb8r6.fsf@mit.edu>
In-Reply-To: <tsl4mpbb8r6.fsf@mit.edu>
OpenPGP: id=AD3091F3AB24E05F4F722C03C0DE6A358A39DC66; url=http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="CVLSawr1iwahAbuX5xN4ruLRI32FNk38F"
Archived-At: <http://mailarchive.ietf.org/arch/msg/radext/a7dJuMlBd5CcAdrrWfvfYYEQ_Lw>
Subject: Re: [radext] Proposed new charter text
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Mar 2015 07:20:52 -0000

Hello,

thanks Alan, Peter and Sam for taking the discussion to this point. You
have collectively revealed the issue that was causing the confusion; and
it leads to a need to tweak the charter IMHO:

Either the document needs to consider safeguards against "generous
disconnects" in other domains - I understand from the discussion that
this is a very hard problem - or the document can't be standards track
and needs a big warning that such generous disconnects are a security
problem in this draft.
I understand that this problem has always been there; it's not new in
this draft but a problem of RFC5176 itself - it is only exacerbated now
because proxying was previously totally undefined (making sending malign
DM/CoA packets a private workflow and hard) and now becomes mostly
defined and thus more easily exploitable.

The latter solution, off of standards track, is easier: the target track
and milestone info for the document could be changed towards
Informational (matching RFC5176 itself) and the WG would during the
normal WG workflow suggest appropriate warning text for the draft.

I like that way out, if everyone else can live with it. I'd appreciate
comments from the working group on that topic, particularly from the
three of you of course :-)

Greetings,

Stefan Winter


On 24.03.2015 00:21, Sam Hartman wrote:
>>>>>> "Alan" == Alan DeKok <aland@deployingradius.com> writes:
> 
> 
>     Alan>   i.e. what you’re saying is that there is a requirement for
>     Alan> home server A to NOT be allowed to disconnect users for home
>     Alan> server B in a visited network.  That is a *new* requirement,
>     Alan> which doesn’t negate my comments above.
> 
>     Alan>   I want to solve one problem at a time.  Operator-Name and
>     Alan> Operator-NAS-Identifier are sufficient to get the packet to
>     Alan> the visited NAS.  Your earlier comments seemed to say that
>     Alan> they were NOT sufficient, which is what was unclear.
> 
> 
> I think solving this requirement would be necessary for moving COA to
> the standards track or removing the health warning in 5176.
> 
> I'm fine not solving that problem provided that we have a fairly serious
> health warning on this draft.
> For this and other reasons COA massively fails to meet our current
> security expectations for standards track.
> 
> --Sam
> 
> _______________________________________________
> radext mailing list
> radext@ietf.org
> https://www.ietf.org/mailman/listinfo/radext
> 


-- 
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473

PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66

v2.23.0 | Report a Bug | By Email