Network Access Server Requirements

Document Charter Network Access Server Requirements WG (nasreq)
Title Network Access Server Requirements
Last updated 2003-07-21
State Approved
WG State Concluded
IESG Responsible AD (None)
Charter Edit AD (None)
Send notices to (None)


The purpose of this group is to gather and process the requirements of
modern Network Access Servers (NAS) with respect to user-based service
Authentication, Authorization, and usage Accounting. Services being
considered go beyond simple dial-in access, and include Virtual Private
Network support, smart authentication methods, and roaming concerns.
The common thread is demand-based dynamic services requested within a
user authentication model, viewing the NAS as a tool for implementing
network policy and security.

The RADIUS protocol was developed in response to the previous incar-
nation of the Network Access Servers Requirements (NASREQ) BOFs.  The
protocol was a simple but flexible solution to many of the require-
ments in terminal and network access servers at the time.  The RADIUS
Working Group is about to conclude its work on the basic protocol, but
NAS development continues at a rapid pace, and implementations are
trying to use more standards now than when RADIUS began. As we add
more services to NAS boxes, the RADIUS protocol is often stretched and
bent well beyond the original design goals, and often fails to deliver
the desired reliability, functionality, or security.

As NAS installations become larger and more complex, and as NAS services
are virtualized in other servers, the services being authorized require
more sophisticated mechanisms for coordinating policy and resource state
across multiple systems and servers.

The group will work closely with other Working Groups (including 
roamops, pppext, policy, et al.), to serve as input for the group's 
requirements and to identify candidate protocols which may meet those 

This group will document all of the current requirements for services
which fully meet the needs of modern and next generation NAS systems.

Goals and Work items:

        The first goal of the group will be to collect and organize
        functional requirements.  The focus of the requirements will
        center on NAS user authorization.  Functions provided adequately
        by other standardized protocols will be documented as such.
        Requirements will be generated by the members of the BOF/WG,
        with input from the RADIUS WG, the RoamOps WG, the AAA BOF/WG,
        and other groups as required.  The output of this effort will
        be an informational requirements document.

        In parallel, another document will be a survey of the current
        practices that NAS vendors and deployers are engaging in to
        provide similar services, using extensions to RADIUS or pro-
        prietary protocols. The output will become an informational
        survey document.

        The group will review current draft work on RADIUS extension or
        successor protocols and determine their suitability to meeting
        the WG's requirements. The output of this effort will be an
        informational document detailing the evaluation and

        The charter of the group will be reviewed at that time, and
        adjusted according to any new work items and directions.