Skip to main content

Concluded WG RADIUS EXTensions (radext)

Note: The data for concluded WGs is occasionally incorrect.

WG Name RADIUS EXTensions
Acronym radext
Area Operations and Management Area (ops)
State Concluded
Charter charter-ietf-radext-06 Approved
Document dependencies
Additional resources Additional RADEXT Web Page
Issue tracker, Wiki
Personnel Chairs Lionel Morand, Stefan Winter
Area Director Benjamin Kaduk
Liaison Contacts Lionel Morand, Stefan Winter
Mailing list Address radext@ietf.org
To subscribe https://www.ietf.org/mailman/listinfo/radext
Archive https://mailarchive.ietf.org/arch/browse/radext/

Closing note for Working Group

RADEXT has achieved a substantial amount of work, successfully completing all chartered work for which sufficient energy existed to advance a solution document. The mailing list will remain open for discussion of RADIUS-related topics, with the expectation that specific concrete work items will typically be directed OPSAWG for processing. Should a community of interest arise to republish the core RADIUS specifications on the standards track, RADEXT might be reopened after a new chartering process to confirm the scope of and interest in the proposed work.

Final Charter for Working Group

The RADIUS Extensions Working Group will focus on extensions to the
RADIUS protocol pending approval of the new work from the Area Director
and clarify its usage and definition.

Furthermore, to ensure backward compatibility with existing RADIUS
implementations, as well as compatibility between RADIUS and Diameter,
the following restriction is imposed on extensions considered by the
RADEXT WG:
All documents produced must specify means of interoperation with legacy
RADIUS and, if possible, be backward compatible with existing RADIUS
RFCs, including RFCs 2865-2869, 3162, 3575, 3579, 3580, 4668-4673,4675,
5080, 5090, 5176 and 6158. Transport profiles should, if possible, be
compatible with RFC 3539.

The WG will review its existing RFCs' document track categories and
where necessary or useful change document tracks, with minor changes in
the documents if needed. Any changes to document tracks require approval
by the responsible Area Director.

Work Items

The immediate goals of the RADEXT working group are to address the
following issues:

- CoA proxying. RFC 5176 permits proxying of CoA and Disconnect
messages, but makes no provisions for how that is done in a roaming
environment. This work item will provide descriptions of how to use
the Operator-Name attribute in a roaming environment to proxy CoA
packets in a way that ensures only authorized proxies can send these
packets to the home CoA server.

- Encoding Rules for EAP-Response/Identity packets over RADIUS. Neither
EAP (RFC3748) nor EAP over RADIUS (RFC3579) demand specific character
encoding and normalisation rules for EAP Identity responses. RADIUS
(RFC2865) requires User-Name attributes to be encoded in UTF-8. When a NAS
simply performs an exact copy of an EAP-Identity into a User-Name, invalid
packets might be produced. This document will suggest restrictions on EAP
Identities so that transport over AAA becomes correct under all circumstances
(UTF-8) and deterministic (normalisation).

- Data Types. RFC 2865 defines a number of data types, but later
documents do not use those types in a consistent way. This work item
will define data types, and update the IANA RADIUS Attribute Type
registry so that each attribute has a data type. Where necessary, it
will correct issues with previous specifications.

- Larger Packets. Support RADIUS packets greater than 4096-octets over
RADIUS transports with this capability.

- RADIUS Attributes for IP Port Configuration and Reporting. These
attributes are used by devices that implement IP port ranges to
configure and report TCP/UDP ports and ICMP identifiers, as well as
mapping behaviors. These attributes can be used in the context of
address sharing (e.g., NAT44 [RFC3022], Dual-Stack Lite AFTR [RFC6333],
CGN [RFC6888], NAT64 [RFC6146], Provider WLAN (e.g., [TR-146]), etc.).

Milestones

Date Milestone Associated documents
Nov 2016 Submit Populating EAP Identity as BCP RFC

Done milestones

Date Milestone Associated documents
Done Data Types as Informational RFC draft-ietf-radext-datatypes
Done IP Port RADIUS Extensions as Standards Track RFC draft-ietf-radext-ip-port-radius-ext
Done Submit CoA Proxying as Standards Track RFC draft-ietf-radext-coa-proxy
Done Larger Packets for RADIUS over TCP I-D submitted as an Experimental RFC draft-ietf-radext-bigger-packets
Done RADIUS packet fragmentation submitted as an Experimental RFC
Done Dynamic Discovery I-D submitted as a Proposed Standard RFC
Done RFC 4282bis submitted as a Proposed Standard RFC