RADIUS Attributes for IEEE 802.16 Privacy Key Management Version 1 (PKMv1) Protocol Support
draft-zorn-radius-pkmv1-12

[Ballot discuss]
I don't have any objection to the existence or content of this document, but I don't understand why it is Informational.

It seems to define stuff for implementation, and it seems to do that defining within the IETF (i.e. it is not a report of work done elsewhere).

I will be happy to clear this Discuss on the call if someone can give a good reason.

[Ballot discuss]
This will probably be a trivial discuss to clear, but I have concerns about the hard size limits
for two of the attributes.

(1) In section 3.4, the PKM-Cryptosuite-List is defined with Len 2 + 3n < 39, where 'n'
is the number of cryptosuite identifiers.  That gives us n < 12.333... which seems a bit
odd.  Where does the n come from, and why is 12 the maximum number of cryptosuites?

(2) In section 3.7, PKM-AUTH-KEY is sized to convey a 128 bit key.  While I suspect that
PKMv1 may be limited to 128 bits, is there a reason to limit the attribute as well?  Support for
256 bit keys can be be achieved without crossing the magic 255 octet boundary, and might
help us avoid defining new attributes for PKMv2...

[Ballot discuss]
This is probably a trivial discuss, but I have concerns about the hard size limits for two
of the attributes.

(1) In section 3.4, the PKM-Cryptosuite-List is defined with Len 2 + 3n < 39, where 'n'
is the number of cryptosuite identifiers.  That gives us n < 12.333... which seems a bit
odd.  Where does the n come from, and why is 12 the maximum number of cryptosuites?

(2) In section 3.7, PKM-AUTH-KEY is sized to convey a 128 bit key.  While I suspect that
PKMv1 may be limited to 128 bits, is there a reason to limit the attribute as well?  Support for
256 bit keys can be be achieved without crossing the magic 255 octet boundary, and might
help us avoid defining new attributes for PKMv2...

[Ballot comment]
In section 3.4, the PKM-Cryptosuite-List is defined with Len 2 + 3n < 39, where 'n'
is the number of cryptosuite identifiers.  That gives us n < 12.333... which seems a bit
odd.  Where does the n come from, and why is 12 the maximum number of cryptosuites?

[Ballot comment]
Sections 3.1/3.2 say "It is possible that the size of the SS/CA
certificate may exceed the maximum size of a RADIUS attribute".
A certificate compliant with 802.16-2004 is always longer than 255
bytes, so perhaps something like "the size usually exceeds" (or
"the size exceeds") would be more accurate.

[Ballot discuss]
I have reviewed draft-zorn-radius-pkmv1-10, and have one small concern
that I'd like to discuss before recommending approval of the document:

Section 6: "this document does not define a method for doing so
securely" sounds very strange, because the next sentence does define a
recommended method for doing exactly that.

That method is IMHO fine (while it's not perfect from security
point-of-view, it's not totally insecure or useless either -- and the
weaknesses are IMHO adequately described by the last sentence of the
paragraph), but since it's a key part of the specification, the use of
this attribute should be described in e.g. Section 3, and it should be
listed in Section 4.

IANA comments:

Upon approval of this document, IANA will make the following
assignments in the "Radius Attribute Types" registry at
http://www.iana.org/assignments/radius-types

From the range 137-191
Value | Description | Reference
-------- + --------------------------------------- +---------
TBD1 | PKM-SS-Cert | [RFC-zorn-radius-pkmv1-04]
TBD2 | PKM-CA-Cert | [RFC-zorn-radius-pkmv1-04]
TBD3 | PKM-Config-Settings | [RFC-zorn-radius-pkmv1-04]
TBD4 | PKM-Cryptosuite-List | [RFC-zorn-radius-pkmv1-04]
TBD5 | PKM-SAID | [RFC-zorn-radius-pkmv1-04]
TBD6 | PKM-SA-Descriptor | [RFC-zorn-radius-pkmv1-04]
TBD7 | PKM-Auth-Key | [RFC-zorn-radius-pkmv1-04]

We understand the above to be the only IANA Action for this document.

PROTO write-up by Glen Zorn:

  (1.a)  Who is the Document Shepherd for this document?  Has the
      Document Shepherd personally reviewed this version of the document
      and, in particular, does he or she believe this version is ready
      for forwarding to the IESG for publication?
Glen Zorn is the Document Shepherd; he has personally reviewed this version of the document and believes that this version is ready for forwarding to the IESG for publication.

  (1.b)  Has the document had adequate review both from key members of
      the interested community and others?  Does the Document Shepherd
      have any concerns about the depth or breadth of the reviews that
      have been performed?
The document has been reviewed by interested parties in the IETF radext WG and by both the WiMAX Forum NWG Security Team (attached) and the IEEE 802.16 Working Group (http://ieee802.org/16/liaison/docs/L80216-08_069r1.pdf).  The Document Shepherd has no concerns about the quality of the reviews.

  (1.c)  Does the Document Shepherd have concerns that the document
      needs more review from a particular or broader perspective, e.g.,
      security, operational complexity, someone familiar with AAA,
      internationalization or XML?
No.

  (1.d)  Does the Document Shepherd have any specific concerns or
      issues with this document that the Responsible Area Director
      and/or the IESG should be aware of?  For example, perhaps he or
      she is uncomfortable with certain parts of the document, or has
      concerns whether there really is a need for it.  In any event, if
      the interested community has discussed those issues and has
      indicated that it still wishes to advance the document, detail
      those concerns here.
No concerns.

  (1.e)  How solid is the consensus of the interested community behind
      this document?  Does it represent the strong concurrence of a few
      individuals, with others being silent, or does the interested
      community as a whole understand and agree with it?
The interested community may be divided into two constituencies: the standards community and the community consisting of those people and organizations implementing and deploying systems based upon fixed (as opposed to mobile) WiMAX (802.16-2004).  Outside the IETF, the standards community (including the IEEE 802.16 WG and the WiMAX Forum) seems to have moved on to the undeniably more glamorous (and hopefully, greener) pastures of mobile WiMAX but they have voiced no objection to this work.  On the other hand, this specification was developed at the request of implementers and in fact the first implementation was running before the -00 version of the draft was published; implementations of the draft have been deployed (using attributes drawn from the Experimental RADIUS Attribute namespace) in Africa and Southeast Asia.  This would seem to indicate strong support for the draft from that community.  Within the IETF, no objections have been raised to the publication of the document as an Informational RFC.


  (1.f)  Has anyone threatened an appeal or otherwise indicated extreme
      discontent?  If so, please summarize the areas of conflict in
      separate email messages to the Responsible Area Director.  (It
      should be in a separate email because this questionnaire is
      entered into the ID Tracker.)
No.

  (1.g)  Has the Document Shepherd personally verified that the
      document satisfies all ID nits?  (See
      http://www.ietf.org/ID-Checklist.html and
      http://tools.ietf.org/tools/idnits/).  Boilerplate checks are not
      enough; this check needs to be thorough.  Has the document met all
      formal review criteria it needs to, such as the MIB Doctor, media
      type and URI type reviews?
The idnits tool (http://tools.ietf.org/tools/idnits/idnits.pyht produces no errors or warnings and only one comment (about the obsolete reference, see below).

  (1.h)  Has the document split its references into normative and
      informative?  Are there normative references to documents that are
      not ready for advancement or are otherwise in an unclear state?
      If such normative references exist, what is the strategy for their
      completion?  Are there normative references that are downward
      references, as described in [RFC3967]?  If so, list these downward
      references to support the Area Director in the Last Call procedure
      for them [RFC3967].
All the references are correct; there is one intentionally obsolete reference (to RFC 2459), which is present to preserve alignment with the IEEE 802.16-2004 standard.

  (1.i)  Has the Document Shepherd verified that the document IANA
      consideration section exists and is consistent with the body of
      the document?  If the document specifies protocol extensions, are
      reservations requested in appropriate IANA registries?  Are the
      IANA registries clearly identified?  If the document creates a new
      registry, does it define the proposed initial contents of the
      registry and an allocation procedure for future registrations?
      Does it suggested a reasonable name for the new registry?  See
      [I-D.narten-iana-considerations-rfc2434bis].  If the document
      describes an Expert Review process has Shepherd conferred with the
      Responsible Area Director so that the IESG can appoint the needed
      Expert during the IESG Evaluation?
The IANA Considerations section is present and complete.

  (1.j)  Has the Document Shepherd verified that sections of the
      document that are written in a formal language, such as XML code,
      BNF rules, MIB definitions, etc., validate correctly in an
      automated checker?
N/A.

  (1.k)  The IESG approval announcement includes a Document
      Announcement Write-Up.  Please provide such a Document
      Announcement Writeup?  Recent examples can be found in the
      "Action" announcements for approved documents.  The approval
      announcement contains the following sections:

      Technical Summary

        This document defines a set of RADIUS Attributes which are designed
        to provide RADIUS support for IEEE 802.16 Privacy Key Management
        Version 1.

      Working Group Summary

        This document is not the product of an IETF Working Group.

      Document Quality

        There are at least two independent implementations of this draft; in
        addition, it has been reviewed by interested parties in the IETF radext WG 
        and by both the WiMAX Forum NWG Security Team and the IEEE 802.16 Working
        Group.  Special mention should be given to Alfred Hoenes for
        his excellent independent review.