[radext] RADIUS/TLS with NULL cipher suites
Alan DeKok <aland@deployingradius.com> Thu, 24 August 2023 14:47 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/fII090MVS358J_SISXLvemAzc10>
I ran across this recently. The EU has "power systems and management" standards for RADIUS. Think SCADA && associated systems which do command and control of industrial equipment. That's good, right?

IEC 62351-3:2023 was released recently, and contains the following gems (summarized)

  Table 9 - TLS 1.2 usable cipher suites
  ...
  TLS_NULL_WITH_NULL_NULL      disallowed
  TLS_RSA_WITH_NULL_MD5        disallowed
  TLS_RSA_WITH_NULL_SHA256
  ...

Uh... what? NULL encryption is allowed?

Couple that with the people using the default RADIUS/TLS secret of "radsec", and this proposal is *worse* than using RADIUS/UDP. The User-Password fields will be obfuscated with a known shared secret, making them visible to anyone.

So for 6614bis, we need to forbid the use of NULL cipher suites for TLS 1.2 and earlier.

We can't fix this specification. But we can issue our own counter-specification which goes "WHAT? WHY WOULD YOU DO THAT?"

RADIUS is a never-ending source of joy.

  Alan DeKok.
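The point of the post is mechanical, so here it is worked through in code. A TLS 1.2 NULL cipher suite such as TLS_RSA_WITH_NULL_SHA256 still authenticates and integrity-protects the record stream, but every RADIUS octet inside it travels in the clear. The only thing then standing between an observer and User-Password is the RFC 2865 section 5.2 hiding scheme, keyed by the shared secret, and RFC 6614 fixes that secret to the public string "radsec". The following is an added example, not code from the list post or from any RADIUS implementation: it implements the RFC 2865 hiding and un-hiding, builds a small Access-Request with a constructed username, password, NAS address and Request Authenticator, and then shows what a passive observer holding only the default secret recovers from the bytes.

```python
"""RFC 2865 User-Password hiding, and why it is no protection once the
transport does not encrypt and the shared secret is the public default.

Added example. All packet contents below are constructed for illustration.
"""
import hashlib
import socket
import struct

# RFC 6614 fixes the RADIUS/TLS shared secret to "radsec"; it is public,
# so the password hiding it keys is only as secret as the TLS record layer.
RADSEC_SECRET = b"radsec"

ATTR_USER_NAME = 1
ATTR_USER_PASSWORD = 2
ATTR_NAS_IP_ADDRESS = 4
CODE_ACCESS_REQUEST = 1


def hide_password(secret: bytes, authenticator: bytes, password: bytes) -> bytes:
    """RFC 2865 section 5.2: zero-pad to a multiple of 16 octets, then
    XOR each 16-octet block with MD5(secret + previous block), where the
    'previous block' for the first block is the Request Authenticator."""
    if not password or len(password) > 128:
        raise ValueError("User-Password must be 1..128 octets")
    padded = password + b"\x00" * (-len(password) % 16)
    out = bytearray()
    prev = authenticator
    for i in range(0, len(padded), 16):
        keystream = hashlib.md5(secret + prev).digest()
        block = bytes(p ^ k for p, k in zip(padded[i:i + 16], keystream))
        out += block
        prev = block
    return bytes(out)


def reveal_password(secret: bytes, authenticator: bytes, hidden: bytes) -> bytes:
    """Inverse of hide_password. Strips the zero padding, so a password that
    itself ends in NUL octets is not round-trippable (RFC 2865 shares this)."""
    if not hidden or len(hidden) % 16:
        raise ValueError("hidden User-Password must be a non-empty multiple of 16 octets")
    out = bytearray()
    prev = authenticator
    for i in range(0, len(hidden), 16):
        keystream = hashlib.md5(secret + prev).digest()
        block = hidden[i:i + 16]
        out += bytes(c ^ k for c, k in zip(block, keystream))
        prev = block
    return bytes(out).rstrip(b"\x00")


def build_access_request(secret: bytes, identifier: int, authenticator: bytes,
                         username: bytes, password: bytes, nas_ip: str) -> bytes:
    """Minimal Access-Request: header, Request Authenticator, three attributes."""
    attrs = struct.pack("!BB", ATTR_USER_NAME, 2 + len(username)) + username
    hidden = hide_password(secret, authenticator, password)
    attrs += struct.pack("!BB", ATTR_USER_PASSWORD, 2 + len(hidden)) + hidden
    attrs += struct.pack("!BB", ATTR_NAS_IP_ADDRESS, 6) + socket.inet_aton(nas_ip)
    return struct.pack("!BBH", CODE_ACCESS_REQUEST, identifier, 20 + len(attrs)) + authenticator + attrs


def parse_packet(packet: bytes):
    """Return (code, identifier, authenticator, {type: value}). Repeated
    attribute types are collapsed to the last one; enough for this demo."""
    if len(packet) < 20:
        raise ValueError("RADIUS packet shorter than header")
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    if length != len(packet):
        raise ValueError("RADIUS length field does not match packet")
    attrs = {}
    pos = 20
    while pos < length:
        atype, alen = packet[pos], packet[pos + 1]
        if alen < 2 or pos + alen > length:
            raise ValueError("bad attribute length")
        attrs[atype] = packet[pos + 2:pos + alen]
        pos += alen
    return code, identifier, packet[4:20], attrs


def passive_observer_recovers(packet: bytes, guessed_secret: bytes = RADSEC_SECRET):
    """What someone who can read the RADIUS octets (as over a NULL cipher
    suite) gets with nothing but the public default secret."""
    _, _, authenticator, attrs = parse_packet(packet)
    return attrs[ATTR_USER_NAME], reveal_password(guessed_secret, authenticator,
                                                  attrs[ATTR_USER_PASSWORD])


# Constructed sample: fixed Request Authenticator so the run is reproducible.
SAMPLE_AUTHENTICATOR = bytes(range(16))
SAMPLE_USER = b"alice@example.net"
SAMPLE_PASSWORD = b"correct horse battery staple"


def demo():
    pkt = build_access_request(RADSEC_SECRET, 7, SAMPLE_AUTHENTICATOR,
                               SAMPLE_USER, SAMPLE_PASSWORD, "192.0.2.10")
    return passive_observer_recovers(pkt)


if __name__ == "__main__":
    user, password = demo()
    print(f"observer recovered {user!r} / {password!r} using only 'radsec'")
```

With a per-peer secret the same observer gets keystream garbage instead; that is the whole difference between RADIUS/UDP with a real secret and RADIUS/TLS over a NULL suite with "radsec". Note also that the hiding is MD5-keyed XOR, not an authenticated cipher, so forbidding NULL suites (and relying on TLS 1.3, which has none) is the fix rather than a stronger secret.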