Markdown Version | Session Recording

Session Date/Time: 20 Mar 2024 03:00

radext

Summary

This radext session at IETF 119 covered a range of topics, including updates on existing drafts, discussion of security best practices, and presentations on integrating RADIUS with emerging technologies like open roaming and 5G. Key discussions centered on the RADIUS-TLS draft, specifically regarding TLS 1.3 and DTLS requirements, as well as adoption of the "reverse COA" draft as a working group document.

Key Discussion Points

• RADIUS-TLS (DTLS) Update:
  • Discussion on whether to mandate TLS 1.3. Concerns raised about availability of open-source DTLS 1.3 implementations. Agreement to follow RFC 9325 for guidance on TLS versions. Decision to seek input from the TLS working group.
  • Need for reviews.
• Reverse COA:
  • Document deemed ready for working group last call.
• Deprecating Radius Security Practices:
  • Discussion of publishing this document in conjunction with the RADIUS-TLS document to provide a clear upgrade path. Emphasis on the need to address vulnerable technologies like MS-CHAP.
• Open Roaming:
  • Presentation on Open Roaming architecture and its reliance on IETF protocols. Discussion on how to progress the related internet draft, with considerations of working group adoption versus individual submission.
• 5G Attributes:
  • Presentation on RADIUS attributes for 5G authentication. Interest in reusing existing RADIUS infrastructure in enterprise environments with 5G deployments. Feedback that the document looks straightforward but new work items will be paused until after DTLS is out.

Decisions and Action Items

• RADIUS-TLS (DTLS):
  • Valerie to send the document to the TLS working group chairs for review.
  • Authors to incorporate Alan's reviews before sending for TLS review.
• Reverse COA:
  • Chairs to send the "reverse COA" draft to working group last call.
• Open Roaming:
  • Authors to discuss further with the AD (Paul) on the proper path for publication.
• 5G Attributes:
  • No actions taken at this time due to work item freeze.

Next Steps

• Authors to address feedback and submit revised drafts as needed.
• Working group to focus on completing the RADIUS-TLS (DTLS) document.
• Continue discussions on the mailing list.