Re: Follow up on Authorize Only issue (was RE: [Isms] ISMS session summary)
"Glen Zorn \(gwz\)" <gwz@cisco.com> wrote:
> OK, yeah, but I didn't say anything about guesses: in that scenario, the
> compromised NAS has saved valid credentials from previous
> authentications & used them for nefarious purposes.
It could also save authorization parameters, for precisely the same
reason.
> I hope that the issue is not divulging the contents of RADIUS attributes
> but something a bit more serious, like authorizing an imposter.
A compromised NAS can authorize anyone it chooses for any purpose.
If the threat we're trying to avoid is a compromised NAS, then there
is little point in doing more security analysis. The NAS is *inside*
of the RADIUS trust boundary, with all of the side-effects that result.
If the threat we're trying to avoid is someone fooling a trusted NAS
into leaking information about users, then that situation is somewhat
more manageable.
Alan DeKok.
--
archive: <http://psg.com/lists/radiusext/>