[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [radext] #89: Key Wrap and Password Hiding Requirements

To: bernard_aboba@hotmail.com
Subject: Re: [radext] #89: Key Wrap and Password Hiding Requirements
From: "radext issue tracker" <trac+radext@zinfandel.tools.ietf.org>
Date: Sat, 09 Apr 2011 20:56:02 -0000
Auto-submitted: auto-generated
Cc: radiusext@ops.ietf.org
In-reply-to: <066.cff106be913743859c8f78dbb4aeb58d@trac.tools.ietf.org>
References: <066.cff106be913743859c8f78dbb4aeb58d@trac.tools.ietf.org>
Reply-to: radiusext@ops.ietf.org

#89: Key Wrap and Password Hiding Requirements

Changes (by bernard_aboba@â):

  * status:  new => closed
  * resolution:  => fixed


Comment:

 Proposed Resolution:

 Change the following text in Section 4.2:

    It is RECOMMENDED that solutions provide support for confidentiality,
    either by supporting encryption of entire RADIUS packets or by
    encrypting individual RADIUS attributes.  This includes providing
    support for improving the confidentiality of existing encrypted
    (sometimes referred to as "hidden") attributes as well as encrypting
    attributes (such as location attributes) that are currently
    transmitted in cleartext.  Proposals supporting confidentiality MUST
    support the negotiation of cryptographic algorithms for encryption.

 To:

    It is RECOMMENDED that solutions provide support for confidentiality,
    either by supporting encryption of entire RADIUS packets or by
    encrypting individual RADIUS attributes.  Proposals supporting
    confidentiality MUST support the negotiation of cryptographic
    algorithms for encryption.

    Solutions providing for encryption of entire RADIUS packets need not
    also provide support for encryption of individual RADIUS attributes.
    Solutions providing for encryption of individual RADIUS attributes
    are REQUIRED to provide support for improving the confidentiality of
    existing encrypted (sometimes referred to as "hidden") attributes as
    well as encrypting attributes (such as location attributes) that are
    currently transmitted in cleartext.

-- 
---------------------------------------+------------------------------------
 Reporter:  bernard_aboba@â            |        Owner:            
     Type:  defect                     |       Status:  closed    
 Priority:  critical                   |    Milestone:  milestone1
Component:  Crypto-Agility             |      Version:  1.0       
 Severity:  Active WG Document         |   Resolution:  fixed     
 Keywords:                             |  
---------------------------------------+------------------------------------

Ticket URL: <http://wiki.tools.ietf.org/wg/radext/trac/ticket/89#comment:1>
radext <http://tools.ietf.org/radext/>


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

References:
- [radext] #89: Key Wrap and Password Hiding Requirements
  - From: "radext issue tracker" <trac+radext@zinfandel.tools.ietf.org>

Prev by Date: Consensus poll for IANA #409959 NAS-Port-Type value request
Next by Date: [radext] #92: End-to-end versus hop-by-hop confidentiality
Previous by thread: [radext] #89: Key Wrap and Password Hiding Requirements
Next by thread: [radext] #90: Process for publication and selection
Index(es):
- Date
- Thread