Skip to main content

RADIUS EXTensions
charter-ietf-radext-05

The information below is for an older approved charter
Document Charter RADIUS EXTensions WG (radext) Snapshot
Title RADIUS EXTensions
Last updated 2012-12-04
State Approved
WG State Active
IESG Responsible AD Paul Wouters
Charter edit AD Benoît Claise
Send notices to (None)

charter-ietf-radext-05

The RADIUS Extensions Working Group will focus on extensions to the
RADIUS protocol required to expand and enrich the standard attribute
space, address cryptographic algorithm agility, use of new secure
transports and clarify its usage and definition.

In order to maintain interoperation of heterogeneous RADIUS/Diameter
deployments, all RADEXT WG work items except those that just define new
attributes MUST contain a Diameter compatibility section, outlining how
interoperability with Diameter will be maintained.

Furthermore, to ensure backward compatibility with existing RADIUS
implementations, as well as compatibility between RADIUS and Diameter,
the following restrictions are imposed on extensions considered by the
RADEXT WG:

  • All documents produced MUST specify means of interoperation with
    legacy RADIUS and, if possible, be backward compatible with existing
    RADIUS RFCs, including RFCs 2865-2869, 3162, 3575, 3579, 3580,
    4668-4673,4675, 5080, 5090, 5176 and 6158. Transport profiles should, if
    possible, be compatible with RFC 3539.

Work Items
The immediate goals of the RADEXT working group are to address the
following issues:

  • RADIUS attribute space extension. The standard RADIUS attribute space
    is currently being depleted. This document will provide additional
    standard attribute space, while maintaining backward compatibility with
    existing attributes.

  • IEEE 802 attributes. New attributes have been proposed to support IEEE
    802 standards for wired and wireless LANs. This work item will support
    authentication, authorization and accounting attributes needed by IEEE
    802 groups including IEEE 802.1, IEEE 802.11 and IEEE 802.16.

  • New RADIUS transports. A reliable transport profile for RADIUS will be
    developed, as well as specifications for Secure transports, including
    TCP/TLS (RADSEC) and UDP/DTLS.

  • Update and clarification of Network Access Identifiers (RFC4282). This
    work item will correct and clarify issues present with RFC4282 in two
    phases. In first phase, RFC4282bis will be issued to eliminate
    fundamental incompatibilities with RADIUS around character encoding and
    NAI modifications by proxies. In second phase, a fresh review of NAI
    internationalization requirements and behavior will be undertaken with a
    clear goal of maintaining compatibility with RADIUS.

  • Fragmentation of RADIUS packets to support exchanges exceeding the
    existing 4KB limit imposed by RFC 2865.