RADIUS EXTensions
charter-ietf-radext-05-02

The information below is for an older proposed charter
Document: Proposed charter, RADIUS EXTensions WG (radext), Snapshot
Title: RADIUS EXTensions
Last updated: 2015-07-09
State: Start Chartering/Rechartering (Internal Steering Group/IAB Review), Rechartering
WG State: Active
IESG Responsible AD: Paul Wouters
Charter edit AD: Kathleen Moriarty
Send notices to: (None)

The RADIUS Extensions Working Group will focus on extensions to the
RADIUS protocol, pending approval of the new work from the Area Director,
and will clarify its usage and definition.

Furthermore, to ensure backward compatibility with existing RADIUS
implementations, as well as compatibility between RADIUS and Diameter,
the following restriction is imposed on extensions considered by the
RADEXT WG:
All documents produced must specify means of interoperation with legacy
RADIUS and, if possible, be backward compatible with existing RADIUS
RFCs, including RFCs 2865-2869, 3162, 3575, 3579, 3580, 4668-4673, 4675,
5080, 5090, 5176 and 6158. Transport profiles should, if possible, be
compatible with RFC 3539.

The WG will review its existing RFCs' document track categories and
where necessary or useful change document tracks, with minor changes in
the documents if needed. Any changes to document tracks require approval
by the responsible Area Director.

Work Items

The immediate goals of the RADEXT working group are to address the
following issues:

  • CoA proxying. RFC 5176 permits proxying of CoA and Disconnect
    messages, but makes no provisions for how that is done in a roaming
    environment. This work item will provide descriptions of how to use
    the Operator-Name attribute in a roaming environment to proxy CoA
    packets in a way that ensures only authorized proxies can send these
    packets to the home CoA server.
    The document will be Informational, in line with the CoA document
    (RFC5176).

  • Encoding Rules for EAP-Response/Identity packets over RADIUS. Neither
    EAP (RFC3748) nor EAP over RADIUS (RFC3579) demands specific character
    encoding and normalisation rules for EAP Identity responses. RADIUS
    (RFC2865) requires User-Name attributes to be encoded in UTF-8. When a
    NAS simply performs an exact copy of an EAP-Identity into a User-Name,
    invalid packets might be produced. This document will suggest
    restrictions on EAP Identities so that transport over AAA becomes
    correct under all circumstances (UTF-8) and deterministic (normalisation).

  • Data Types. RFC 2865 defines a number of data types, but later
    documents do not use those types in a consistent way. This work item
    will define data types, and update the IANA RADIUS Attribute Type
    registry so that each attribute has a data type. Where necessary, it
    will correct issues with previous specifications. This will be a
    standards track document.

  • Larger Packets. Support RADIUS packets greater than 4096 octets over
    RADIUS transports with this capability.

  • RADIUS Attributes for IP Port Configuration and Reporting. These
    attributes are used by devices that implement IP port ranges to
    configure and report TCP/UDP ports and ICMP identifiers, as well as
    mapping behaviors. These attributes can be used in the context of
    address sharing (e.g., NAT44 [RFC3022], Dual-Stack Lite AFTR [RFC6333],
    CGN [RFC6888], NAT64 [RFC6146], Provider WLAN (e.g., [TR-146]), etc.).