RADIUS Extension for Digest Authentication
RFC 5090

Note: This ballot was opened for revision 02 and is now closed.

(Jari Arkko) Yes

Comment (2007-07-03 for -)
No email
send info
I verified diffs to RFC 4590 too. Everything looks good.

(Dan Romascanu) Yes

(Ron Bonica) No Objection

(Ross Callon) No Objection

(Lisa Dusseault) No Objection

Lars Eggert No Objection

(Sam Hartman) No Objection

(Cullen Jennings) (was Discuss, No Objection) No Objection

(Chris Newman) No Objection

Comment (2007-07-04 for -)
No email
send info
Might want to make sure IANA knows to update the RADIUS registry entries
for these parameters to refer to the new RFC when it's published.  The
IANA considerations section didn't say that explicitly.

I question whether RADIUS over IPsec will deploy as widely as HTTPS/SIPS
has.  This makes me wonder if IPsec is an adequate answer to protect
these exchanges, especially given a simple passive eavesdrop of H(A1)
leaves that user's account completely compromised in that realm.

(Jon Peterson) No Objection

(Tim Polk) No Objection

(Mark Townsley) No Objection

(David Ward) No Objection

(Magnus Westerlund) No Objection