Technical Summary
This document specifies how the DTLS protocol may be used as a fix
for security issues RADIUS has, namely authentication and encryption of
RADIUS packets. The document also describes how implementations
of the solution proposal can co-exist with current RADIUS systems.
Working Group Summary
The solution is a result of a long process in the WG. One of the last
sticking issue was multiplexing of DTLS and RADIUS over port 1812.
WG decided against multiplexing and the DTLS can only be used on
existing RADSEC port. The WG has reached a consensus on the
entire documented protocol.
Document Quality
There are two known implementations and one planned (if not
done already).
Personnel
Jouni Korhonen (jouni.nospam@gmail.com) is the document shepherd.
Benoit Claise (bclaise@cisco.com) is the responsible AD.