Re: A bit of background on [RFC3580] Section 5.3
Bernard Aboba <aboba@internaut.com> wrote:
> As a result, Section 5.3 is attempting to discourage the
> use of PAP and the potential cascading vulnerabilities that
> can result.
It would be clearer for the average reader if some document said
outright "PAP is deprecated. Don't use it."
> If PAP cannot be deprecated entirely, then it is best if its
> use is isolated to accounts that have limited access rights.
On the same NAS that uses EAP... leading to leveraged attacks.
> If these principles are followed, it is possible to limit the
> use of PAP without forcing a RADIUS proxy to utilize a
> different IP address for PAP and EAP authentication.
Would there be interest in a PAP replacement? Something like
Tunnel-Password comes to mind. A 16-bit salt would make attacks more
difficult, but if the salt is coming from the same low-entropy pool as
the RA, I'm not sure it would help.
Quoting out of order:
> For example, a NAS can attempt to satisfy the global uniqueness
> property by utilizing the IP address in the high order bits of the
> RA and then utilizing a pseudo-random number in the low order bits.
Is it worth codifying recommendations? i.e. RA = (IP + counter +
pseudo-random number + ...) That would help guide implementors, at
least.
Alan DeKok.
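Added example (my own code, not from this thread, RFC 3580 or any RADIUS implementation): the RA layout suggested above as a hypothetical make_request_authenticator (NAS IPv4 address in the high-order bytes, a counter, then pseudo-random low-order bytes), the RFC 2865 User-Password hiding whose keystream depends only on the shared secret and that RA, and a server- or proxy-side check that flags any RA seen twice. All function names and the sample secret are assumptions.

```python
import hashlib
import struct


def make_request_authenticator(nas_ip: str, counter: int, rand8: bytes) -> bytes:
    """Hypothetical RA layout from the thread: 4-byte NAS IPv4 address in the
    high-order bytes, a 4-byte per-NAS request counter, then 8 pseudo-random
    bytes supplied by the caller (e.g. os.urandom(8))."""
    ip = bytes(int(o) for o in nas_ip.split("."))
    if len(ip) != 4 or len(rand8) != 8:
        raise ValueError("need a dotted IPv4 address and exactly 8 random bytes")
    return ip + struct.pack("!I", counter & 0xFFFFFFFF) + rand8


def hide_user_password(secret: bytes, ra: bytes, password: bytes) -> bytes:
    """RFC 2865 section 5.2 User-Password hiding: pad to a multiple of 16 and
    XOR each block with MD5(secret + previous output block), seeded with the
    RA.  The whole keystream is a function of (secret, RA) only, so a reused
    RA under the same secret means a reused keystream."""
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", ra
    for i in range(0, len(padded), 16):
        key = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ k for p, k in zip(padded[i:i + 16], key))
        out += prev
    return out


def unhide_user_password(secret: bytes, ra: bytes, hidden: bytes) -> bytes:
    """Inverse of hide_user_password, as the RADIUS server performs it."""
    out, prev = b"", ra
    for i in range(0, len(hidden), 16):
        key = hashlib.md5(secret + prev).digest()
        block = hidden[i:i + 16]
        out += bytes(c ^ k for c, k in zip(block, key))
        prev = block
    return out.rstrip(b"\x00")


def find_reused_authenticators(ras) -> set:
    """Detection check for a server or proxy: given RA values taken from
    logged Access-Requests, return those that appeared more than once."""
    seen, reused = set(), set()
    for ra in ras:
        (reused if ra in seen else seen).add(ra)
    return reused
```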
archive: <http://psg.com/lists/radiusext/>