From nobody Wed Feb 1 23:47:30 2017 Return-Path: X-Original-To: radext@ietf.org Delivered-To: radext@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 86259127077; Wed, 1 Feb 2017 23:47:27 -0800 (PST) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: "\"IETF Meeting Session Request Tool\"" To: X-Test-IDTracker: no X-IETF-IDTracker: 6.42.0 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <148602164750.18700.13460273511502894326.idtracker@ietfa.amsl.com> Date: Wed, 01 Feb 2017 23:47:27 -0800 Archived-At: Cc: radext@ietf.org, Kathleen.Moriarty.ietf@gmail.com, radext-chairs@ietf.org, stefan.winter@restena.lu Subject: [radext] radext - Not having a session at IETF 98 X-BeenThere: radext@ietf.org X-Mailman-Version: 2.1.17 List-Id: RADIUS EXTensions working group discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Feb 2017 07:47:27 -0000 Stefan Winter, a chair of the radext working group, indicated that the radext working group does not plan to hold a session at IETF 98. This message was generated and sent by the IETF Meeting Session Request Tool. From Aravind.Sridharan@dell.com Fri Feb 17 04:42:06 2017 Return-Path: X-Original-To: radext@ietfa.amsl.com Delivered-To: radext@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1941E129A05 for ; Fri, 17 Feb 2017 04:42:06 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.719 X-Spam-Level: X-Spam-Status: No, score=-2.719 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=dell.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fhmI8kmqT48v for ; Fri, 17 Feb 2017 04:42:05 -0800 (PST) Received: from esa8.dell-outbound.iphmx.com (esa8.dell-outbound.iphmx.com [68.232.149.218]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E6755129A04 for ; Fri, 17 Feb 2017 04:42:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=dell.com; i=@dell.com; q=dns/txt; s=smtpout; t=1487335324; x=1518871324; h=from:cc:to:date:subject:message-id:mime-version; bh=dDcUWiKN2140srD7FuT38n71RbxB9PVxDva5uAnVxHA=; b=ONBdTtfFIydpg+So1BYl/PHSv2Ao27qWpg3Of8GetHdYaPT4w8gzsRdj E4Zsv64LYqCwwfqTEdjqvMw4R/vWOm4sRtyCEdYQqySMx7TSTB2tjGbt8 Zmo8WfK3miyxCfcSEhFFMFB3Xwu/V3Xwn8cIn/nTFoxSRDx6ecOh0lqM1 E=; Received: from esa4.dell-outbound2.iphmx.com ([68.232.154.98]) by esa8.dell-outbound.iphmx.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 17 Feb 2017 06:42:04 -0600 From: Received: from ausxipps306.us.dell.com ([143.166.148.156]) by esa4.dell-outbound2.iphmx.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 17 Feb 2017 18:42:03 +0600 X-LoopCount0: from 10.170.28.40 X-IronPort-AV: E=Sophos; i="5.35,171,1484028000"; d="scan'208,217"; a="74033852" To: Date: Fri, 17 Feb 2017 18:11:59 +0530 Thread-Topic: New Draft for RADIUS Attribute Security Thread-Index: AdKJGuxlhQKJnNMrSouB92gPEJ2vkg== Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-tituslabs-classifications-30: TLPropertyRoot=Dell;Classification=No Restrictions;Sublabels=; x-titus-version: 3.5.29.3 x-tituslabs-classificationhash-30: 0Ywc1/TmJmZP14okFmB8GNyLGuT/MQ2tENPz7BHaBKIm8Z49uu3t76PlrO8BIFOf1OFWCafgSDkad3KLvIXXfT+JyXUr96MWdoKvk5GqV7Lvo1ui88NyKiBv1bNthYLqPTVC3V8T+sjRHYto9TDtRm8cQGgpeETilneMvh5rRtMFGBFo+l2YyCQpk2C2gjiE1mJaYlXIHupnDMN0U30RZxJpsZIIrl0RuOU8dh1y86I= x-titusconfig: 1.4APJ acceptlanguage: en-US Content-Type: multipart/alternative; boundary="_000_D5A6F3355F664C40AFB65BB1277D8D45044ECDD0F5MAAX7MCDC101A_" MIME-Version: 1.0 Archived-At: X-Mailman-Approved-At: Sat, 18 Feb 2017 01:36:56 -0800 Cc: Aravind.Sridharan@dell.com, Sanal.Kumar.Sivarama@dell.com Subject: [radext] New Draft for RADIUS Attribute Security X-BeenThere: radext@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: RADIUS EXTensions working group discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Feb 2017 12:43:53 -0000 --_000_D5A6F3355F664C40AFB65BB1277D8D45044ECDD0F5MAAX7MCDC101A_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi All, We have proposed a new draft for RADIUS Attribute Security. Name: draft-aravind-radext-attribute-security Revision: 00 Title: RADIUS Attribute Security Document date: 2017-02-17 Group: Individual Submission Pages: 9 URL: https://www.ietf.org/internet-drafts/draft-aravind-radext-a= ttribute-security-00.txt Status: https://datatracker.ietf.org/doc/draft-aravind-radext-attri= bute-security/ Htmlized: https://tools.ietf.org/html/draft-aravind-radext-attribute-= security-00 We would love to hear your reviews and comments. Thanks, S. Aravind Prasad --_000_D5A6F3355F664C40AFB65BB1277D8D45044ECDD0F5MAAX7MCDC101A_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi All,<= o:p>

 

We have proposed a new draft for RADIUS Attribute Security.

 

 =

Name:      =            draft-aravind-= radext-attribute-security

Revision:&n= bsp;           00

Title:      &n= bsp;            = ; RADIUS Attribute Security

Document = date:           &nbs= p;  2017-02-17

Group:  = ;            &n= bsp; Individual Submission

Pages:          &nb= sp;      9

URL:        &= nbsp;   https://www.i= etf.org/internet-drafts/draft-aravind-radext-attribute-security-00.txt

Status:         https://datatracker.ietf.org/doc/draft-aravind-rade= xt-attribute-security/

Htmlized:     =   https://tools.ietf.org/html/draft-ara= vind-radext-attribute-security-00

 

=

 

We would love to hear your reviews and comments.

 

Thanks,=

S. Aravind Prasad

 

= --_000_D5A6F3355F664C40AFB65BB1277D8D45044ECDD0F5MAAX7MCDC101A_-- From nobody Sat Feb 18 05:22:37 2017 Return-Path: X-Original-To: radext@ietfa.amsl.com Delivered-To: radext@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 28BB712950E for ; Sat, 18 Feb 2017 05:22:36 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.901 X-Spam-Level: X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n5EXMD8fdZfm for ; Sat, 18 Feb 2017 05:22:34 -0800 (PST) Received: from mail.networkradius.com (mail.networkradius.com [62.210.147.122]) by ietfa.amsl.com (Postfix) with ESMTP id 7E66012950A for ; Sat, 18 Feb 2017 05:22:34 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail.networkradius.com (Postfix) with ESMTP id 92980149B; Sat, 18 Feb 2017 13:22:33 +0000 (UTC) Received: from mail.networkradius.com ([127.0.0.1]) by localhost (mail-server.vmhost2.networkradius.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6kVxRsNxEjEC; Sat, 18 Feb 2017 13:22:33 +0000 (UTC) Received: from [192.168.120.42] (23-233-24-114.cpe.pppoe.ca [23.233.24.114]) by mail.networkradius.com (Postfix) with ESMTPSA id 0D690DA; Sat, 18 Feb 2017 13:22:32 +0000 (UTC) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\)) From: Alan DeKok In-Reply-To: Date: Sat, 18 Feb 2017 08:22:31 -0500 Content-Transfer-Encoding: quoted-printable Message-Id: References: To: Aravind.Sridharan@dell.com X-Mailer: Apple Mail (2.3124) Archived-At: Cc: radext@ietf.org, Sanal.Kumar.Sivarama@dell.com Subject: Re: [radext] New Draft for RADIUS Attribute Security X-BeenThere: radext@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: RADIUS EXTensions working group discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 18 Feb 2017 13:22:36 -0000 On Feb 17, 2017, at 7:41 AM, = wrote: > We have proposed a new draft for RADIUS Attribute Security. My $0.02: use TLS with a pre-shared key. While this requires a TLS = implementation on the client, the administration overhead is exactly the = same as for traditional RADIUS shared secrets. And TLS isn't much of an overhead any more. While OpenSSL is huge, = there are many other small / embedded SSL libraries. Any modern RADIUS = client should be able to handle TLS without much difficulty. Alan DeKok. From nobody Sat Feb 18 07:47:55 2017 Return-Path: X-Original-To: radext@ietfa.amsl.com Delivered-To: radext@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1CEC3129408 for ; Sat, 18 Feb 2017 07:47:54 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BsaJ33ARcJKy for ; Sat, 18 Feb 2017 07:47:52 -0800 (PST) Received: from mail-pg0-x232.google.com (mail-pg0-x232.google.com [IPv6:2607:f8b0:400e:c05::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 68C44126D73 for ; Sat, 18 Feb 2017 07:47:52 -0800 (PST) Received: by mail-pg0-x232.google.com with SMTP id v184so23774303pgv.3 for ; Sat, 18 Feb 2017 07:47:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=ibsU+R2vzKsfgtny9y23jYZnM8CxmBTEffLt63Q5w8c=; b=QA7o1HcfIWShi5pEsUaD4kXyfr2/kBJvTNccKbIziq8OQ4vjVSB0RQrjK/6rgozTK9 PCDM6nXtyA7sfw6J1dZDZzXJqnb0KT8ZfdFP83HxWAgZIHe3Mtz0oKcLClxudiYBWCK5 Sq51I57eDhyREKqGzwY7sdwmwIE+lERx5/PluQTPL3Lo55utiU5XSMFAMfYGGhEUrHWX K2WoE/j553LUaSW03GdMO1ek0GZzLIk8fyLkXqYF0i4fe9vzkbQtEb0bqaA9Qs+zcyFv zrJD9YY6cz83cJ78ye2sxwBdCyFGT20z9Bh/+BNCt+aq524MA+fhO6UqWjuEtXL3KmVa 2HTg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=ibsU+R2vzKsfgtny9y23jYZnM8CxmBTEffLt63Q5w8c=; b=cL+fAsNlj8uCB2EFCRzNPGwYKDTPxRLRejpn/cSGfkP6sf3nmQb5HZjF/rG7Agp+YD M99oojxR/hbL8VMskqVkoPJSA8/4Ii3eaNdlUObgu+drF7iMPPg41gmOkv+BMDlXsEkf BV06rCpPj2M35geytEOGD3DXrbzF0haUtKVDXof1IWCDNiZpRw9cumytzF8f7Y6QJpfD LkEe6OcngdFb9U8X15u5v97lT9aIpISil4e3aENOURlGMuPZtruf7v8OtoX3xqLscKDr k8n7ip1P0eJ9/nE6EdFX74YHbOpVuEOY5Rl5T0h/avtWq1BSpY8LMXCBIFYSTy9oOyYS PMhQ== X-Gm-Message-State: AMke39nA0/v2q5Acum+3tdwr8v/BqFvYmq5q8p9SJ09Mc3zcaUoz6xrY8WTyI5cMhYdxwg== X-Received: by 10.84.176.131 with SMTP id v3mr19232130plb.20.1487432872033; Sat, 18 Feb 2017 07:47:52 -0800 (PST) Received: from [10.48.180.28] (mobile-166-176-186-80.mycingular.net. [166.176.186.80]) by smtp.gmail.com with ESMTPSA id j127sm2812214pfg.89.2017.02.18.07.47.50 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 18 Feb 2017 07:47:51 -0800 (PST) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (1.0) From: Bernard Aboba X-Mailer: iPhone Mail (14D27) In-Reply-To: Date: Sat, 18 Feb 2017 07:47:49 -0800 Content-Transfer-Encoding: quoted-printable Message-Id: References: To: Alan DeKok Archived-At: Cc: Aravind.Sridharan@dell.com, Sanal.Kumar.Sivarama@dell.com, radext@ietf.org Subject: Re: [radext] New Draft for RADIUS Attribute Security X-BeenThere: radext@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: RADIUS EXTensions working group discussion list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 18 Feb 2017 15:47:54 -0000 +1.=20 Using standards-based transport security via (D)TLS is better than continuin= g with RADIUS application security. It automatically benefits from new (D)TL= S versions. It can use any credential (D)TLS supports. And (D)TLS is already= present on most devices. > On Feb 18, 2017, at 5:22 AM, Alan DeKok wrote:= >=20 >> On Feb 17, 2017, at 7:41 AM, wrote: >> We have proposed a new draft for RADIUS Attribute Security. >=20 > My $0.02: use TLS with a pre-shared key. While this requires a TLS imple= mentation on the client, the administration overhead is exactly the same as f= or traditional RADIUS shared secrets. >=20 > And TLS isn't much of an overhead any more. While OpenSSL is huge, there= are many other small / embedded SSL libraries. Any modern RADIUS client sh= ould be able to handle TLS without much difficulty. >=20 > Alan DeKok. >=20 > _______________________________________________ > radext mailing list > radext@ietf.org > https://www.ietf.org/mailman/listinfo/radext