The IESG has approved the Internet-Draft 'RADIUS Support For Extensible Authentication Protocol (EAP)' <draft-aboba-radius-rfc2869bis-22.txt> as an Informational RFC. This has been reviewed in the IETF but is not the product of an IETF Working Group. The IESG contact persons are Randy Bush and Bert Wijnen. Technical Summary This specification describes RADIUS attributes supporting the Extensible Authentication Protocol (EAP): EAP-Message and Message-Authenticator. These attributes now have extensive field experience, and so the purpose of this document is to provide clarification and resolve interoperability issues. As noted in [RFC2865], a Network Access Server (NAS) that does not implement a given service MUST NOT implement the RADIUS attributes for that service. This implies that a NAS that is unable to offer EAP service MUST NOT implement the RADIUS attributes for EAP. A NAS MUST treat a RADIUS Access-Accept requesting an unavailable service as an Access-Reject instead. All attributes are comprised of variable length Type-Length-Value 3- tuples. New attribute values can be added without disturbing existing implementations of the protocol. This document updates RFC 2869. Working Group Summary As this document was not the product of an IETF working group, there was no discussion in the origin WG. But the document was brought to the attention of all relevant WGs and a four-week IETF-wide last call was conducted with no negative comments. Protocol Quality This document was reviewed for the IESG by Randy Bush.
