On Tue, 2014-12-23 at 11:13 -0500, Alan DeKok wrote:
Unrelated: If I can mention a small omission in the DTLS rfc is that it doesn't specify a key purpose in the certificates to be used for radius. For web servers the "TLS WWW server authentication" OID is used in extended key usage, but there is no equivalent for DTLS radius servers. The "TLS WWW server authentication” OID is not required by RADIUS. Microsoft requires it for their clients, which is annoying.
I’m not sure there’s a major benefit to adding an OID specifically for RADIUS authentication.
The reason for different key purposes is to prevent cross-protocol attacks, i.e., someone forwarding the radius packets to another service on the same host. This is particularly dangerous with text-based protocols like SMTP and HTTP and a common CA signing all services. Requiring "TLS WWW server authentication" in a radius server certificate is of course wrong as it defeats that purpose. regards, Nikos