Crypto-Agility Requirements for Remote Authentication Dial-In User Service (RADIUS)
RFC 6421

[Ballot discuss]
The Gen-ART Review by Mary Barnes raises quire a few concerns.  It
  deserves a response.  The review can be found at:

    http://wiki.tools.ietf.org/dav/genart/reviews/
    draft-ietf-radext-crypto-agility-requirements-06-barnes.txt

the following list of GenART issues raised by Mary Barnes need to be addressed:

The following "Minor issues" were not addressed in the -07:

- General.  I don't think you need references to the RADEXT WG since it a product of that WG - it's listed in the document header and it's obvious in the tools.  Folks that aren't familiar with IETF probably don't care what WG produced the document.  Subsequent comments below give specific suggestions around this.

- Introduction,second paragraph. I don't think this necessarily fits the context of a published RFC. In general, the content of WG documents is based on mailing list discussion.  And, it's usual that an informational document is published to provide the type of information that is noted in that paragraph. So, I would think you could just delete that paragraph.

- Section 1.3.  I don't think the background is necessary. Certainly, the motivation for this work is useful introductory information, but I think that initial problem statement/objectives could be reworded in present    tense in terms of objectives and what this document specifies.
[MB] While, the author deleted this section, they just moved the text to the Introduction rather than rewording the initial problem statement/objectives. [/MB]

- Section 4.3, 3rd paragraph.  Shouldn't the "can be" be a "MAY be"? - i.e, isn't this normative behavior in terms of describing how the requirements for backwards compatibility can be satisfied or in some cases where they can't?

- Section 4.3, 4th paragraph.  Shouldn't the "can omit" be a "MAY omit"? 

- Section 4.3, 6th paragraph.  Shouldn't the "can be" be a "MAY be"?

[Ballot comment]
(1) You might want to say that RECOMMENDED is the same as SHOULD where
you define conditional compliance.

(2) Its not entirely clear whether or not protection against bidding
down is a SHOULD or MUST. 4.2 seems to make it a MUST, but 4.3 seems to
open up such an attack ("If a response is not received...a new request
can be composed using legacy mechanisms"). Maybe the latter just
applies when the legacy mechanisms remain unbroken? If so, then
clarifying that might be good.

[Ballot comment]
Section 2: r/can selected/can be selected

Section 4.2: maybe add a reference to RFC 5280 in the following:

  it is RECOMMENDED that a RADIUS crypto-agility solution
  support X.509 certificates *[RFC5280]* for authentication
  between the NAS and RADIUS server

[Ballot discuss]
The Gen-ART Review by Mary Barnes raises quire a few concerns.  It
  deserves a response.  The review can be found at:

    http://wiki.tools.ietf.org/dav/genart/reviews/
    draft-ietf-radext-crypto-agility-requirements-06-barnes.txt

State changed to In Last Call from Last Call Requested.

The following Last Call Announcement was sent out:

From: The IESG
To: IETF-Announce
CC:
Reply-To: ietf@ietf.org
Subject: Last Call:  (Crypto-Agility Requirements for Remote Dial-In User Service (RADIUS)) to Informational RFC


The IESG has received a request from the RADIUS EXTensions WG (radext) to
consider the following document:
- 'Crypto-Agility Requirements for Remote Dial-In User Service (RADIUS)'
  as an
Informational RFC

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2011-06-14. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

Abstract


This memo describes the requirements for a crypto-agility solution
for Remote Authentication Dial-In User Service (RADIUS).



The file can be obtained via
http://datatracker.ietf.org/doc/draft-ietf-radext-crypto-agility-requirements/

IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-ietf-radext-crypto-agility-requirements/


No IPR declarations have been submitted directly on this I-D.

(1.a) Who is the Document Shepherd for this document? Has the
Document Shepherd personally reviewed this version of the document
and, in particular, does he or she believe this version is ready
for forwarding to the IESG for publication?

Bernard Aboba is the document shepherd. I have personally reviewed
the document, and believe it is ready for publication as an Informational RFC.

(1.b) Has the document had adequate review both from key members of
the interested community and others? Does the Document Shepherd
have any concerns about the depth or breadth of the reviews that
have been performed?

The document has adequate review from members of the community.
It has been discussed on the RADEXT WG mailing list as well
as within IETF meetings since IETF 66 and has been reviewed
both by WG participants as well as by external reviewers such as
Pasi Eronen. The document has completed two RADEXT WG last calls.

(1.c) Does the Document Shepherd have concerns that the document
needs more review from a particular or broader perspective, e.g.,
security, operational complexity, someone familiar with AAA,
internationalization or XML?

No concerns.

(1.d) Does the Document Shepherd have any specific concerns or
issues with this document that the Responsible Area Director
and/or the IESG should be aware of? For example, perhaps he or
she is uncomfortable with certain parts of the document, or has
concerns whether there really is a need for it. In any event, if
the interested community has discussed those issues and has
indicated that it still wishes to advance the document, detail
those concerns here.

No concerns.

(1.e) How solid is the consensus of the interested community behind
this document? Does it represent the strong concurrence of a few
individuals, with others being silent, or does the interested
community as a whole understand and agree with it?

There appears to be strong consensus behind the document.

(1.f) Has anyone threatened an appeal or otherwise indicated extreme
discontent? If so, please summarise the areas of conflict in
separate email messages to the Responsible Area Director. (It
should be in a separate email because this questionnaire is
entered into the ID Tracker.)

No.

(1.g) Has the Document Shepherd personally verified that the
document satisfies all ID nits? (See
http://www.ietf.org/ID-Checklist.html and
http://tools.ietf.org/tools/idnits/). Boilerplate checks are not
enough; this check needs to be thorough. Has the document met all
formal review criteria it needs to, such as the MIB Doctor, media
type and URI type reviews?

IDNits are clean:

idnits 2.12.09

tmp/draft-ietf-radext-crypto-agility-requirements-06.txt:

Checking boilerplate required by RFC 5378 and the IETF Trust (see
http://trustee.ietf.org/license-info):
----------------------------------------------------------------------------

== You're using the IETF Trust Provisions' Section 6.b License Notice from
12 Sep 2009 rather than the newer Notice from 28 Dec 2009. (See
http://trustee.ietf.org/license-info/)


Checking nits according to http://www.ietf.org/id-info/1id-guidelines.txt:
----------------------------------------------------------------------------

No issues found here.

Checking nits according to http://www.ietf.org/id-info/checklist :
----------------------------------------------------------------------------

No issues found here.

Miscellaneous warnings:
----------------------------------------------------------------------------

No issues found here.

Checking references for intended status: Informational
----------------------------------------------------------------------------

No issues found here.

Summary: 0 errors (**), 1 warning (==), 0 comments (--).
--------------------------------------------------------------------------------

(1.h) Has the document split its references into normative and
informative? Are there normative references to documents that are
not ready for advancement or are otherwise in an unclear state?
If such normative references exist, what is the strategy for their
completion? Are there normative references that are downward
references, as described in [RFC3967]? If so, list these downward
references to support the Area Director in the Last Call procedure
for them [RFC3967].

References are split into normative and informative requirements.
There are no normative references to documents in an unclear state.

(1.i) Has the Document Shepherd verified that the document IANA
consideration section exists and is consistent with the body of
the document? If the document specifies protocol extensions, are
reservations requested in appropriate IANA registries? Are the
IANA registries clearly identified? If the document creates a new
registry, does it define the proposed initial contents of the
registry and an allocation procedure for future registrations?
Does it suggested a reasonable name for the new registry? See
[I-D.narten-iana-considerations-rfc2434bis]. If the document
describes an Expert Review process has Shepherd conferred with the
Responsible Area Director so that the IESG can appoint the needed
Expert during the IESG Evaluation?

The document makes no request of IANA (see Section 5).

(1.j) Has the Document Shepherd verified that sections of the
document that are written in a formal language, such as XML code,
BNF rules, MIB definitions, etc., validate correctly in an
automated checker?

Not applicable.

(1.k) The IESG approval announcement includes a Document
Announcement Write-Up. Please provide such a Document
Announcement Writeup? Recent examples can be found in the
"Action" announcements for approved documents. The approval
announcement contains the following sections:

Technical Summary

This document describes the requirements for RADIUS crypto-agility,
as well as the process by which crypto-agility solutions will be
developed and published by the RADEXT working group. Crypto-
agility is defined as the ability of RADIUS implementations to
automatically negotiate cryptographic algorithms for use in RADIUS
exchanges, including the algorithms used to integrity protect and
authenticate RADIUS packets and to hide RADIUS attributes.
Negotiation of cryptographic algorithms may occur within the RADIUS
protocol, or within a lower layer such as the transport layer.

Working Group Summary

Work on crypto-agility requirements began at IETF 66. A working
definition of crypto-agility was discussed during the RADEXT WG
session at IETF 68. The initial WG last call completed on August
10, 2008, and the WG last call issues were resolved at IETF 73
and on the mailing list. The document was then reviewed by the
Security Area Director (Pasi Eronen) on February 18, 2009.
The major items brought up during this review and subsequent
discussions related to the role of automated key management,
as well as security properties such as perfect forward secrecy.
The final RADEXT WG last call completed on May 1, 2011.

Document Quality

The document has been reviewed by participants within the IETF RADEXT WG, as well
as by external reviewers. It has completed two RADEXT WG last calls.

Personnel

Bernard Aboba is the document shepherd for this document.
Dan Romascanu is the responsible AD.