IETF Logo Mail Archive

Re: [radext] Shepherd review of draft-ietf-radext-tls-psk-03

Valery Smyslov <smyslov.ietf@gmail.com> Mon, 06 November 2023 11:56 UTC

Return-Path: <smyslov.ietf@gmail.com>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A14EBC17DC19; Mon, 6 Nov 2023 03:56:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id F8uR70Rzq27m; Mon, 6 Nov 2023 03:56:49 -0800 (PST)
Received: from mail-lf1-x135.google.com (mail-lf1-x135.google.com [IPv6:2a00:1450:4864:20::135]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9F2F7C1B0305; Mon, 6 Nov 2023 03:56:49 -0800 (PST)
Received: by mail-lf1-x135.google.com with SMTP id 2adb3069b0e04-507f1c29f25so5645342e87.1; Mon, 06 Nov 2023 03:56:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1699271808; x=1699876608; darn=ietf.org; h=content-language:thread-index:mime-version:message-id:date:subject :in-reply-to:references:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=5OTWYYIh1NHCE0mZkO3r2y+kXi5vRwVZ1ggRTxyNV2o=; b=N8zm+2oHjArwYB9J+BVBPixkNtGgCVyJjZXdwwX9UrlYQ4K35GxqZ+aaUdrts7XcOn t8TB7fY2GvoXg9PH4PUbWAcKxOBH0197abl+oKF+EK/OfqEMf/v6uVGVR/eospMBnnrT P4/otVRq/y/Uv1VnKZ0d5T+MouXxw+rgxgTHC7Wwj6pgG7wLXGHkaPDCugkbr10hyYWp jWP5KofPHP5tXWso6oa1t+5//uQa2oahVZbTZSIvy8Z4OydznH5CF85oCasFxl4NOmje q0LjTeElwQB14Glvjt54N9QW/kf1sXA72cMAXhN4gph24FbC5Eqb+ZHI117cChwpIgAw eHFg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1699271808; x=1699876608; h=content-language:thread-index:mime-version:message-id:date:subject :in-reply-to:references:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=5OTWYYIh1NHCE0mZkO3r2y+kXi5vRwVZ1ggRTxyNV2o=; b=bMLGs4jfrE9LwZSwYnZpda4ujs1ZWx78pgUpqMFcNYR/5sasZ0PrY6bwvRXedmCvWp rU44FnXdDfupUwz+KaOYCuTsKGFiBIzTosrZj8kr5CaF6DgXrxtcxREqg0V5WbcKf7vS qsbd4GOzm9R/zICQ4PqIJqDHNSc4jkx2uSoyYThyXgMna2R81Jbsi+5TQccC/IF8Bs9O G2dYbrOJd+ywY7aHGi4fdXphUzGe3PxnAi53BjZnRq0IHeCU3EEJdgZibt6rKzoSC4Jy MxZyg+nOVDk+wIcb/AvVEQjkCUV/MovzPtHl2ydDb8q+PEQG3u4ePuDN7KXx7lDHUugc ON6g==
X-Gm-Message-State: AOJu0YxtFvNI04rfb5ektwdgI9IXCrgET9LXN57QnahBlPw4OC4Ukr5F x3dQ4J0hQOB/55j8EfqS3178fK2kdz4=
X-Google-Smtp-Source: AGHT+IEsB0ozPN7xK+H1OKV2H2XfLJOUsRNntUWsxMl8+TakVv6V0EoB1iU+hLicEhoGPZQFDLroSQ==
X-Received: by 2002:ac2:5304:0:b0:507:a650:991d with SMTP id c4-20020ac25304000000b00507a650991dmr20532326lfh.58.1699271807412; Mon, 06 Nov 2023 03:56:47 -0800 (PST)
Received: from svannotebook (broadband-46-242-8-247.ip.moscow.rt.ru. [46.242.8.247]) by smtp.gmail.com with ESMTPSA id v13-20020a05651203ad00b004fb85ffc82csm1120534lfp.10.2023.11.06.03.56.46 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 06 Nov 2023 03:56:46 -0800 (PST)
From: Valery Smyslov <smyslov.ietf@gmail.com>
To: 'Heikki Vatiainen' <hvn@radiatorsoftware.com>, radext@ietf.org
Cc: radext-chairs@ietf.org
References: <091b01da0cd0$570fb8f0$052f2ad0$@smyslov.net> <F75CF375-73B2-43C9-A047-6350FA2DFD8A@deployingradius.com> <09ca01da0d60$573d2f20$05b78d60$@smyslov.net> <CAA7Lko-r8pGYoewJwj-zPuy+ZGTn9_wPzusumyG_MdN50QKD5w@mail.gmail.com>
In-Reply-To: <CAA7Lko-r8pGYoewJwj-zPuy+ZGTn9_wPzusumyG_MdN50QKD5w@mail.gmail.com>
Date: Mon, 06 Nov 2023 14:56:44 +0300
Message-ID: <02d601da10a8$50f9a8a0$f2ecf9e0$@gmail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_02D7_01DA10C1.7646E0A0"
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQGsB+y2WEf/airdP7jC55yMrdpqhwJcilgXAU6oHV8BjCQerrCfhLgQ
Content-Language: ru
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/u_50mO0Nx95FJlvcb-S5Oj41wl4>
Subject: Re: [radext] Shepherd review of draft-ietf-radext-tls-psk-03
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Nov 2023 11:56:53 -0000

Hi Heikki,

 

On Thu, 2 Nov 2023 at 09:44, Valery Smyslov <valery@smyslov.net <mailto:valery@smyslov.net> > wrote:

 

>   How about:
> 
> A server supporting this specification MUST be configurable with a set of "allowed" network ranges from
> which clients are permitted to connect.  Any connection from outside of the allowed range(s) MUST be
> rejected before any PSK identity is checked.  It is RECOMMENDED that servers support IP address
> filtering even when TLS-PSK is not used.  There are few reasons for a server to have a default
> configuration which allows connections from any source IP address.

I think this text still doesn't address my point. The point is that servers
may support both this specification and certificates. In this case
they should be able to only filter out IP addresses for those clients,
which are connecting with TLS-PSK and should be configurable
to allow any IP address for clients wishing to use certificates.

How about:

A server supporting this specification MUST be configurable with a set of "allowed" network ranges from
which clients wishing to use TLS-PSK are permitted to connect.  Any connection from outside of the allowed range(s) MUST be
rejected before any PSK identity is checked.  It is RECOMMENDED that servers support IP address
filtering even when TLS-PSK is not used.  There are few reasons for a server to have a default
configuration which allows connections from any source IP address.

(MUST filter for TLS-PSK and RECOMMENDED for other cases).

 

With TLS 1.3 a server can choose to not do PSK authentication and continue the handshake with certificate authentication. If this is desired, then 'Any connection from outside of the allowed range(s) MUST be rejected' wouldn't work if certificate authentication for the non-PSK address range is supported. Or if 'rejected' in this context simply means that PSK is not used, then a clarification would be useful.

 

            My understanding is that “MUST be rejected” here applies to PSK cases only.

            If the server falls back to certificates, then “RECOMMENDED” below works.

            Perhaps this should be clearer.

 

            Regards,

            Valery.

 

Should the text say that TLS-PSK must not be used and server must either do continue with server certificate authentication or reject the connection completely?

 

Here's what server can do with TLS 1.3 when using OpenSSL:

https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_psk_find_session_callback

 

When an attempt to use PSK is detected by the server, a callback function is called. The callback can:

1. Return success and provide a PSK for PSK authentication

2. Return success but provide no PSK and authentication can continue *

3. Reject failure to terminate the handshake

 

* If the server has configuration for server certificate authentication, then handshake continues with certificate. The server can also be configured without certificates and in this case the handshake is terminated because it can't continue. I observed this while working on implementing this draft.

 

-- 

Heikki Vatiainen
hvn@radiatorsoftware.com <mailto:hvn@radiatorsoftware.com>

v2.31.3 | Report a Bug | By Email | System Status