A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : Shared Secret Key update for RADIUS Accounting Author : Jungsoo Park Filename : draft-park-radext-ssk-update-00.txt Pages : 8 Date : 2014-07-02 Abstract: There is a shared secret key in the existing method to authenticate RADIUS accounting messages between the RADIUS server and the access point. If this key is exposed, the attacker can utilize this key to operate the Rogue AP as a normal AP. In this case, a problem arises regarding to the creation of forged user accounting information and transmission to the RADIUS Server. Furthermore, there is some inconvenience for the administrators because each server and AP have to be accessed directly to configure the SSK. This draft proposes the technique for periodic updates of the shared secret key by the RADIUS server to resolve this problem. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-park-radext-ssk-update/ There's also a htmlized version available at: http://tools.ietf.org/html/draft-park-radext-ssk-update-00 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ _______________________________________________ I-D-Announce mailing list I-D-Announce@ietf.org https://www.ietf.org/mailman/listinfo/i-d-announce Internet-Draft directories: http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt