Datagram Transport Layer Security (DTLS) as a Transport Layer for RADIUS
RFC 7360

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: RFC Editor <rfc-editor@rfc-editor.org>,
    radext mailing list <radext@ietf.org>,
    radext chair <radext-chairs@tools.ietf.org>
Subject: Document Action: 'DTLS as a Transport Layer for RADIUS' to Experimental RFC (draft-ietf-radext-dtls-13.txt)

The IESG has approved the following document:
- 'DTLS as a Transport Layer for RADIUS'
  (draft-ietf-radext-dtls-13.txt) as Experimental RFC

This document is the product of the RADIUS EXTensions Working Group.

The IESG contact persons are Benoit Claise and Joel Jaeggli.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-radext-dtls/


Technical Summary

  This document specifies how the DTLS protocol may be used as a fix
  for security issues RADIUS has, namely authentication and encryption of
  RADIUS packets.  The document also describes how implementations
  of the solution proposal can co-exist with current RADIUS systems.

Working Group Summary

   The solution is a result of a long process in the WG. One of the last
   sticking issue was multiplexing of DTLS and RADIUS over port 1812.
   WG decided against multiplexing and the DTLS can only be used on
   existing RADSEC port. The WG has reached a consensus on the
   entire documented protocol.

Document Quality

   There are two known implementations and one planned (if not
   done already).

Personnel

   Jouni Korhonen (jouni.nospam@gmail.com) is the document shepherd.
   Benoit Claise (bclaise@cisco.com) is the responsible AD.