The IESG has received a request from the RADIUS EXTensions WG (radext) to consider the following document: - 'DTLS as a Transport Layer for RADIUS' <draft-ietf-radext-dtls-10.txt> as Experimental RFC The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2014-04-30. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract The RADIUS protocol defined in RFC 2865 has limited support for authentication and encryption of RADIUS packets. The protocol transports data in the clear, although some parts of the packets can have obfuscated content. Packets may be replayed verbatim by an attacker, and client-server authentication is based on fixed shared secrets. This document specifies how the Datagram Transport Layer Security (DTLS) protocol may be used as a fix for these problems. It also describes how implementations of this proposal can co-exist with current RADIUS systems. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-radext-dtls/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-radext-dtls/ballot/ No IPR declarations have been submitted directly on this I-D.
