Skip to main content

(Datagram) Transport Layer Security ((D)TLS Encryption for RADIUS

The information below is for an old version of the document.
Document Type
This is an older version of an Internet-Draft whose latest revision state is "Active".
Expired & archived
Authors Jan-Frederik Rieckers , Stefan Winter
Last updated 2024-04-17 (Latest revision 2023-10-15)
Replaces draft-janfred-radext-radiusdtls-bis
RFC stream Internet Engineering Task Force (IETF)
Additional resources Mailing list discussion
Stream WG state WG Document
Associated WG milestone
Jan 2024
6614bis and 7360bis to IESG
Document shepherd (None)
IESG IESG state Expired
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document specifies a transport profile for RADIUS using Transport Layer Security (TLS) over TCP or Datagram Transport Layer Security (DTLS) over UDP as the transport protocol. This enables encrypting the RADIUS traffic as well as dynamic trust relationships between RADIUS servers. The specification obsoletes the experimental specifications in RFC 6614 (RADIUS/TLS) and RFC 7360 (RADIUS/DTLS) and combines them in this specification.


Jan-Frederik Rieckers
Stefan Winter

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)