Re: [radext] I-D Action: draft-ietf-radext-tls-psk-02.txt

Alan DeKok <aland@deployingradius.com> Sun, 20 August 2023 12:56 UTC

Return-Path: <aland@deployingradius.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 84A7DC14CE22 for <radext@ietfa.amsl.com>; Sun, 20 Aug 2023 05:56:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U10DI-aXP9xp for <radext@ietfa.amsl.com>; Sun, 20 Aug 2023 05:56:34 -0700 (PDT)
Received: from mail.networkradius.com (mail.networkradius.com [62.210.147.122]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 125F4C14CF1A for <radext@ietf.org>; Sun, 20 Aug 2023 05:56:32 -0700 (PDT)
Received: from smtpclient.apple (135-23-95-173.cpe.pppoe.ca [135.23.95.173]) by mail.networkradius.com (Postfix) with ESMTPSA id 4643F268; Sun, 20 Aug 2023 12:56:30 +0000 (UTC)
Authentication-Results: NetworkRADIUS; dmarc=none (p=none dis=none) header.from=deployingradius.com
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
From: Alan DeKok <aland@deployingradius.com>
In-Reply-To: <2060ecfc-65d0-47d0-9c41-edebf6478478@app.fastmail.com>
Date: Sun, 20 Aug 2023 08:56:28 -0400
Cc: radext@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <7FC7064B-0CFA-49D8-8D9E-46E260328DC6@deployingradius.com>
References: <169238915704.56283.13664283366489431030@ietfa.amsl.com> <B2006538-89E0-46AC-9834-1854D586B3D3@deployingradius.com> <2060ecfc-65d0-47d0-9c41-edebf6478478@app.fastmail.com>
To: Alexander Clouter <alex+ietf@coremem.com>
X-Mailer: Apple Mail (2.3696.120.41.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/orgjQ2-Ut8yZNdywkS9q2U2b2DI>
Subject: Re: [radext] I-D Action: draft-ietf-radext-tls-psk-02.txt
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 20 Aug 2023 12:56:38 -0000

On Aug 20, 2023, at 2:49 AM, Alexander Clouter <alex+ietf@coremem.com> wrote:
> "Implementations MUST use ECDH cipher suites", is this not meant to be "Implementations MUST support ECDH cipher suites" or because pinning cipher suites tends to not age well?

  I'll fix that for sure this time.

> s/labelled/labeled/g   <-- probably my fault, I think I nitted the US to GB in the last one
> s/incorret/incorrect/g
> 
> Typo in: "We note that the PSK identity is a field created >>but<< the connecting client", should be "We note that the PSK identity is a field created >>by<< the connecting client".

  Fixed.

> I think someone here had a preference for non-compressed CIDRs: s~192.0.2/24~192.0.2.0/24~

  Sure, thanks.

  Alan DeKok.