The RADIUS EXTensions (radext) working group in the Operations and Management Area of the IETF has been rechartered. For additional information please contact the Area Directors or the WG Chairs. RADIUS EXTensions (radext) ------------------------------------------------ Current Status: Active Working Group Chairs: Jouni Korhonen <jouni.nospam@gmail.com> Mauricio Sanchez <mauricio.sanchez@hp.com> Technical advisors: Paul Congdon <paul.congdon@hp.com> Assigned Area Director: Benoit Claise <bclaise@cisco.com> Mailing list Address: radext@ietf.org To Subscribe: https://www.ietf.org/mailman/listinfo/radext Archive: http://www.ietf.org/mail-archive/web/radext/ Charter of Working Group: The RADIUS Extensions Working Group will focus on extensions to the RADIUS protocol required to expand and enrich the standard attribute space, address cryptographic algorithm agility, use of new secure transports and clarify its usage and definition. In order to maintain interoperation of heterogeneous RADIUS/Diameter deployments, all RADEXT WG work items except those that just define new attributes MUST contain a Diameter compatibility section, outlining how interoperability with Diameter will be maintained. Furthermore, to ensure backward compatibility with existing RADIUS implementations, as well as compatibility between RADIUS and Diameter, the following restrictions are imposed on extensions considered by the RADEXT WG: - All documents produced MUST specify means of interoperation with legacy RADIUS and, if possible, be backward compatible with existing RADIUS RFCs, including RFCs 2865-2869, 3162, 3575, 3579, 3580, 4668-4673,4675, 5080, 5090, 5176 and 6158. Transport profiles should, if possible, be compatible with RFC 3539. Work Items The immediate goals of the RADEXT working group are to address the following issues: - RADIUS attribute space extension. The standard RADIUS attribute space is currently being depleted. This document will provide additional standard attribute space, while maintaining backward compatibility with existing attributes. - IEEE 802 attributes. New attributes have been proposed to support IEEE 802 standards for wired and wireless LANs. This work item will support authentication, authorization and accounting attributes needed by IEEE 802 groups including IEEE 802.1, IEEE 802.11 and IEEE 802.16. - New RADIUS transports. A reliable transport profile for RADIUS will be developed, as well as specifications for Secure transports, including TCP/TLS (RADSEC) and UDP/DTLS. - Update and clarification of Network Access Identifiers (RFC4282). This work item will correct and clarify issues present with RFC4282 in two phases. In first phase, RFC4282bis will be issued to eliminate fundamental incompatibilities with RADIUS around character encoding and NAI modifications by proxies. In second phase, a fresh review of NAI internationalization requirements and behavior will be undertaken with a clear goal of maintaining compatibility with RADIUS. - Fragmentation of RADIUS packets to support exchanges exceeding the existing 4KB limit imposed by RFC 2865. Milestones: Done - Updates to RFC 2618-2621 RADIUS MIBs submitted for publication Done - SIP RADIUS authentication draft submitted as a Proposed Standard RFC Done - RFC 2486bis submitted as a Proposed Standard RFC Done - RFC 3576 MIBs submitted as an Informational RFC Done - RADIUS VLAN and Priority Attributes draft submitted as a Proposed Standard RFC (reduced in scope) Done - RADIUS Implementation Issues and Fixes draft submitted as an Informational RFC Done - RADIUS Filtering Attributes draft submitted as a Proposed Standard RFC (split out from VLAN & Priority draft) Done - RFC 3576bis submitted as an Informational RFC (split out from Issues & Fixes draft) Done - RADIUS Redirection Attributes draft submitted as a Proposed Standard RFC (split out from VLAN & Priority draft) Done - RADIUS Design Guidelines submitted as a Best Current Practice RFC Done - RADIUS Management Authorization I-D submitted as a Proposed Standard RFC Done - Reliable Transport Profile for RADIUS I-D submitted as a Proposed Standard RFC Done - Status-Server I-D submitted as a Proposed Standard RFC Done - RADSEC (RADIUS over TCP/TLS) draft submitted as an Experimental RFC Done - RADIUS Crypto-agility Requirements submitted as an Informational RFC Dec 2012 - IPv6 Access I-D submitted as a Proposed Standard RFC Dec 2012 - RFC 4282bis submitted as a Proposed Standard RFC Dec 2012 - Extended Attributes I-D submitted as a Proposed Standard RFC Dec 2012 - Dynamic Discovery I-D submitted as a Proposed Standard RFC Dec 2012 - IEEE 802 Attributes I-D submitted as a Proposed Standard RFC Jan 2013 - RADIUS over DTLS I-D submitted as an Experimental RFC Feb 2013 - RADIUS packet fragmentation submitted as an Experimental RFC