IETF Logo Mail Archive

Re: [radext] Adam Roach's Discuss on draft-ietf-radext-coa-proxy-05: (with DISCUSS and COMMENT)

Adam Roach <adam@nostrum.com> Tue, 14 August 2018 17:16 UTC

Return-Path: <adam@nostrum.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6EE24130934; Tue, 14 Aug 2018 10:16:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.88
X-Spam-Level:
X-Spam-Status: No, score=-1.88 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G_kMpI8Gtyri; Tue, 14 Aug 2018 10:16:45 -0700 (PDT)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 78708128CB7; Tue, 14 Aug 2018 10:16:45 -0700 (PDT)
Received: from Orochi.local (c-73-206-50-7.hsd1.tx.comcast.net [73.206.50.7]) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id w7EHGTdF066169 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Tue, 14 Aug 2018 12:16:30 -0500 (CDT) (envelope-from adam@nostrum.com)
X-Authentication-Warning: raven.nostrum.com: Host c-73-206-50-7.hsd1.tx.comcast.net [73.206.50.7] claimed to be Orochi.local
To: Alan DeKok <aland@deployingradius.com>
Cc: Winter Stefan <stefan.winter@restena.lu>, radext@ietf.org, The IESG <iesg@ietf.org>, draft-ietf-radext-coa-proxy@ietf.org, radext-chairs@ietf.org
References: <153421241151.25112.5942779659969287406.idtracker@ietfa.amsl.com> <DCBC0F8A-E486-4844-8C7A-CCDEBD41A0E4@deployingradius.com> <0d9cc14c-d065-87fa-5ea1-f76fde1c9c2f@nostrum.com> <B33A4595-EDBE-41C5-9FD6-5EEACB6EEDE4@deployingradius.com> <b6c70613-40b1-9c78-ec63-927ffdffa094@nostrum.com> <44429A5F-F978-4D7B-8330-C6A665E8BF53@deployingradius.com>
From: Adam Roach <adam@nostrum.com>
Message-ID: <680f1611-e86a-abd1-fb5f-63f27a265226@nostrum.com>
Date: Tue, 14 Aug 2018 12:16:28 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <44429A5F-F978-4D7B-8330-C6A665E8BF53@deployingradius.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/oLa1Sx4Esg43EdbszQuKX4lDfe0>
Subject: Re: [radext] Adam Roach's Discuss on draft-ietf-radext-coa-proxy-05: (with DISCUSS and COMMENT)
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Aug 2018 17:16:47 -0000

On 8/14/18 11:11, Alan DeKok wrote:
> On Aug 14, 2018, at 11:51 AM, Adam Roach <adam@nostrum.com> wrote:
>> I think we're getting off in the weeds here exactly because the language in the document is ambiguous. I think I made some assumptions that might not match yours. Let's try a level set.
>>
>> The document says that the token "SHOULD be cryptographically strong." What does this mean, and why do you need it?
>    The Operator-NAS-Identifier may contain information, such as an encrypted IP address.  In which case it should use sane encryption methods.
>
>    If it's just an opaque token, then the token value should be created via some sane method.  Mainly to avoid accidental re-use.

You've described what you mean, without saying why you need it, and so 
I'm not sure what you mean achieves what you think you need -- and I 
have have a creeping suspicion that it does not.

I *think* the idea here is hiding things like how many NASes you have 
deployed in your network [1]. If that's the case, you'll minimally need 
some guidance here about each token being encrypted separately, using a 
unique nonce.

I'll note that the creation of opaque tokens that don't differ between 
requests (as you seem to suggest above) doesn't achieve the goal of 
hiding the number of NASes -- it's not harder to count unique opaque 
tokens than it is to count IP addresses.


>> The document says that the token "SHOULD be verifiable by the Visited Network." What does this mean, and why do you need it?
>    The visited network needs to know that the token maps to an actual NAS.
>
>    If the token is an encrypted blob, it can decrypt the blob and verify it that way.

Sorry, verify it how?

Let's say my token generation scheme is to take the IP address of the 
NAS, pack it up in network byte order, and run it through some 
encryption algorithm. So, I get a blob in a Disconnect-Request message, 
run it through decryption, and get four bytes:  136, 35, 8, and 43. That 
looks like a valid IP address to me. I still can't tell whether I 
generated the blob, or whether someone else just created a random blob 
and that's what it happened to decrypt to -- because most four-byte 
sequences are valid IPv4 addresses.

And, as for needing to know that it maps to an actual NAS: why? If the 
something is messing up these tokens and the worst thing that happens is 
that the transaction fails, that seems to be fine.

/a

____
[1] I'm basing this in part on the text from §6: "This ensures that 
anyone observing unencrypted RADIUS traffic gains no information about 
the internals of the Visited Network."

v2.23.0 | Report a Bug | By Email