[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Gen-ART LC review of draft-ietf-radext-tcp-transport-06.txt

To: Glenn Kowack <glenn@RiverOnce.com>
Subject: Re: Gen-ART LC review of draft-ietf-radext-tcp-transport-06.txt
From: Alan DeKok <aland@deployingradius.com>
Date: Mon, 24 May 2010 10:10:20 +0200
Cc: gen-art@ietf.org, 'radext mailing list' <radiusext@ops.ietf.org>
In-reply-to: <1E9286E3-285A-46E7-8823-25B00D6AE38A@riveronce.com>
References: <1E9286E3-285A-46E7-8823-25B00D6AE38A@riveronce.com>
User-agent: Thunderbird 2.0.0.24 (Macintosh/20100228)

Glenn Kowack wrote:
> Major issues: None.
> 
> Minor issues:
> 
> Abstract:
> “The Remote Authentication Dial In User Server (RADIUS) Protocol has
> traditionally used the User Datagram Protocol (UDP) as its underlying
> transport layer.”
> 
> Does ‘traditional’ here mean as defined by the specification or is UDP
> use optional?

  It means "as defined by the spec".  Until now, UDP has been mandatory.

> “It is not intended to define TCP as a transport protocol for RADIUS in
> the absence of TLS.”
> 
> This might be interpreted by some as disingenuous.  Would it be clearer
> to say: “The specification only provides for use of TCP with TLS.  Other
> uses of TCP are out of scope.” ? 

  Later reviews suggested:

It is not intended to define TCP as a transport protocol for RADIUS in
the absence of a secure transport layer.

> *1. Introduction*
..
> That is, the document says there are inherent reasons why TCP is not
> appropriate, and then says the reason is lack of experience.  This
> should be unwound and clarified.  

  Later reviews suggested:

Since "bare" TCP does not provide for confidentiality or enable
negotiation of credible ciphersuites, its use is not appropriate for
inter-server communications where strong security is required.  As a
result "bare" TCP transport MUST NOT be used without TLS, IPsec, or
other secure upper layer.

"Bare" TCP transport MAY, however, be used when another method such as
IPSec [RFC4301] is used to provide additional confidentiality and
security.  Should experience show that such deployments are useful,
this specification could be moved to standards track.

  I think that text is clearer.

> *1.1. Applicability of Reliable Transport *
> 
> “For a system with a million logins a day running EAP-TLS mutual
> authentication with 15 round-trips, and having a packet loss probability
> of P=0.01%, we expect that 0.3% of connections will experience at least
> one lost packet. That is, 3,000 user sessions each day will experience
> authentication failure. This is an unacceptable failure rate for a
> mass-market network service.”
> 
> Can the document state an acceptable level of failure, and a supporting
> citation?

  Umm... no.  No one is willing to share data.  The above numbers are
based on hallroom conversations with roaming implementors.

> 
> Nits/editorial comments:
> *
> *
> 
> *1. Introduction*
> 
> *“The RADIUS Protocol has been defined in [RFC2865] as using the User
> Datagram Protocol (UDP) for the underlying transport layer.”*
> 
> Present tense would be clearer, unless 2865 is no longer applicable. 

  Agreed.

> “2.4, there are also some limitations:
> 
> * Unreliable transport. As a result, systems using RADIUS have to
> implement application-layer timers and re-transmissions, as described in
> [RFC5080] Section 2.2.1.”
> 
> Add a blank line between the ‘2.4’ line and the first bullet item, per
> the rest of the document.

  Done.

> “As RADIUS is widely deployed, and has been widely deployed for well
> over a decade, these issues have been minor in some use-cases, and
> problematic in others.”
> 
> The leading ‘as’ is awkward and not necessary, per this example: “RADIUS
> has been widely deployed for well over a decade, and still
> is.  Experience shows issues that are minor in some use-cases, and
> problematic in others.”

  Agreed.

> *2.3. Management Information Base (MIB)*
> 
> “The MIB Module definitions in [RFC4668], [RFC4669], [RFC4670],
> [RFC4671], [RFC4672], and [RFC4673] ……… SHOULD NOT re-use these MIB
> Modules to perform statistics for RADIUS over TCP connections.w”
> 
> Typo: trailing ‘w’ at end of paragraph. 

  Fixed.

> *2.4. Detecting Live Servers*
> 
> “As RADIUS is a "hop by hop" protocol, a RADIUS proxy effectively
> shields the client from any information about downstream servers.”
> 
> ‘effectively’ adds nothing here. However, this change is stylistic and
> at the discretion of the author. 

  I'll delete it.

> “When UDP was used as a transport protocol…”
> 
> Present tense is more appropriate.

  Agreed.

> *2.6.1. Duplicates and Retransmissions*
> 
> “In that situation, RADIUS request MAY be retransmitted to another
> server that known to be part of the same pool.”
> 
> s/that known/that is known/

  Fixed.

> [ Running a grammar checker (e.g., in MSWord) should have found this. ]

  vi + nroff? :(

> *2.6.4. Malformed Packets and Unknown Clients*
> 
> “After applying the above rules, there are still situations where the
> previous specifications allow a packet to be "silently discarded". In
> these situations, the TCP connections MAY remain open, or MAY be closed,
> as an implementation choice. However, the invalid packet MUST be
> silently discarded.
> 
> * Packet with an invalid code field
> 
> * Response packets that do not match any outstanding request
> 
> These requirements minimize the possibility for a misbehaving client or
> server to wreak havoc on the network.”
> 
> This section would be clearer if the two bullets immediately followed
> where they are first mentioned, after “…allow a packet to be “silently
> discarded.”"

  Agreed.

> Also, does the author mean ‘minimize’ or just ‘reduce’, above?

  "reduce".  I'll fix it for the next revision.

> *2.6.5. Limitations of the ID Field*
> 
> “…there would be no free Id to use…”
> 
> s/Id/ID/
> 
> This reviewer would like to observe that this is one of the most astute
> and downright clever Freudian observations about the IETF that he has
> seen in many years.  He takes his hat off to the author. Sadly,
> accurately using upper-case-D ‘ID’ regrettably MUST win out over
> literary invention.

  Yes... fixed for the next revision.

> “should reserve ID zero on each”
> 
> s/ID zero on each/ID zero (0) on each/

  Fixed.

>  “Implementors may be tempted to extend RADIUS to permit more than 256
> outstanding packets on one connection.  However, doing so will
> likely require fundamental changes to the RADIUS protocol, and as such,
> is outside of the scope of this specification.”
> 
> Two points are confounded here, as illustrated by:
> 
>      Implementors may be tempted to extend RADIUS to permit more than
> 256 outstanding packets on one connection.  However, doing so is a
> violation of a fundamental part of the protocol and SHOULD NOT be
> done.  Making that extension here is outside of the scope of this
> specification.

  Agreed.

  Alan DeKok.

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Prev by Date: I-D Action:draft-ietf-radext-tcp-transport-07.txt
Next by Date: FW: [Dime] FW: I-D Action:draft-zorn-dime-rfc4005bis-01.txt
Previous by thread: I-D Action:draft-ietf-radext-tcp-transport-07.txt
Next by thread: Re: Gen-ART LC review of draft-ietf-radext-tcp-transport-06.txt
Index(es):
- Date
- Thread