datatracker.ietf.org
Sign in
Version 5.3.0, 2014-04-12
Report a bug

RADIUS EXTensions
charter-ietf-radext-05

Charter for "RADIUS EXTensions" (radext) WG
WG State: Active
Charter State:
Responsible AD: Benoit Claise

Send notices to: none
Last updated: 2012-12-04

Other versions: plain text

Charter charter-ietf-radext-05

The RADIUS Extensions Working Group will focus on extensions to the 
RADIUS protocol required to expand and enrich the standard attribute 
space, address  cryptographic algorithm agility, use of new secure 
transports and clarify its usage and definition.

In order to maintain interoperation of heterogeneous RADIUS/Diameter 
deployments, all RADEXT WG work items except those that just define new 
attributes MUST contain a Diameter compatibility section, outlining how 
interoperability with Diameter will be maintained.

Furthermore, to ensure backward compatibility with existing RADIUS  
implementations, as well as compatibility between RADIUS and Diameter, 
the following restrictions are imposed on extensions considered by the 
RADEXT WG:

- All documents produced MUST specify means of interoperation with 
legacy RADIUS and, if possible, be backward compatible with existing 
RADIUS RFCs, including RFCs 2865-2869, 3162, 3575, 3579, 3580, 
4668-4673,4675, 5080, 5090, 5176 and 6158. Transport profiles should, if 
possible, be compatible with RFC 3539.

Work Items
The immediate goals of the RADEXT working group are to address the 
following issues:

- RADIUS attribute space extension. The standard RADIUS attribute space 
is currently being depleted. This document will provide additional 
standard attribute space, while maintaining backward compatibility with 
existing attributes.

- IEEE 802 attributes. New attributes have been proposed to support IEEE 
802 standards for wired and wireless LANs. This work item will support 
authentication, authorization and accounting attributes needed by IEEE 
802 groups including IEEE 802.1, IEEE 802.11 and IEEE 802.16.

- New RADIUS transports. A reliable transport profile for RADIUS will be 
developed, as well as specifications for Secure transports, including 
TCP/TLS (RADSEC) and UDP/DTLS.

- Update and clarification of Network Access Identifiers (RFC4282). This 
work item will correct and clarify issues present with RFC4282 in two 
phases.  In first phase, RFC4282bis will be issued to eliminate 
fundamental incompatibilities with RADIUS around character encoding and 
NAI modifications by proxies.  In second phase, a fresh review of NAI 
internationalization requirements and behavior will be undertaken with a 
clear goal of maintaining compatibility with RADIUS.

- Fragmentation of RADIUS packets to support exchanges exceeding the 
existing 4KB limit imposed by RFC 2865.