@techreport{moskowitz-radius-client-kickstart-01,
    number =    {draft-moskowitz-radius-client-kickstart-01},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-moskowitz-radius-client-kickstart/01/},
    author =    {Robert Moskowitz},
    title =     {{RADIUS Client Kickstart}},
    pagetotal = 14,
    year =      2003,
    month =     oct,
    day =       27,
    abstract =  {RADIUS servers {[}2{]} require foreknowledge of the IP address of the RADIUS clients, as the shared secret is bound to the address. This has been a manageable situation when the RADIUS Clients were just NASs (Network Access Servers). With the advent of IEEE 802.1x {[}3{]}, there is a significant increase in RADIUS clients in organizations not prepared to have the RADIUS Clients use fixed IP addresses and manage the shared secret. To address the concerns of the IEEE 802.1 and 802.11 Task Groups a level of indirection is added; a Master secret bound to the name of the RADIUS client. This Master secret is created by the Shared Secret Provisioning Protocol {[}4{]}. For RADIUS Client Kickstart, SSPP is run over SNMP {[}5{]}. The Master Secret is used in an initial RADIUS exchange to create a session secret that is used as the normal RADIUS client shared secret. SSPP can be used to change the Master Secret whenever required.},
}