Last Call: <draft-ietf-radext-radiusdtls-bis-14.txt> (RadSec: RADIUS over Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)) to Proposed Standard

The IESG <iesg-secretary@ietf.org> Mon, 09 February 2026 21:02 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Last Call: <draft-ietf-radext-radiusdtls-bis-14.txt> (RadSec: RADIUS over Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)) to Proposed Standard
Auto-Submitted: auto-generated
Precedence: bulk
Sender: iesg-secretary@ietf.org
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <177067096036.1148439.6223508683688301605@dt-datatracker-6bcfd44575-g5gjh>
Date: Mon, 09 Feb 2026 13:02:40 -0800
Message-ID-Hash: PLGJG3NZVNGBYHVOXVFAPZIBCZ6DH4LX
CC: draft-ietf-radext-radiusdtls-bis@ietf.org, mrcullen42@gmail.com, paul.wouters@aiven.io, radext-chairs@ietf.org, radext@ietf.org, valery@smyslov.net
Reply-To: last-call@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/_JrzUcCrjGzZXcsdmDoC1ieXwmE>

The IESG has received a request from the RADIUS EXTensions WG (radext) to
consider the following document: - 'RadSec: RADIUS over Transport Layer
Security (TLS) and Datagram
   Transport Layer Security (DTLS)'
  <draft-ietf-radext-radiusdtls-bis-14.txt> as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
last-call@ietf.org mailing lists by 2026-02-23. Exceptionally, comments may
be sent to iesg@ietf.org instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.


AD Note: There is one issue that came up during WGLC that I would hope to hear
more opinions about related to the Event-Timestamp attribute vs Acct-Time-Delay
attribute, see https://mailarchive.ietf.org/arch/msg/radext/b-Xu-VLvHDfeZljGQNKNayPgiWk/


Abstract


   This document defines transport profiles for running RADIUS over
   Transport Layer Security (TLS) and Datagram Transport Layer Security
   (DTLS), allowing the secure and reliable transport of RADIUS
   messages.  RADIUS/TLS and RADIUS/DTLS are collectively referred to as
   RadSec.

   This document obsoletes RFC6614 and RFC7360, which specified
   experimental versions of RADIUS over TLS and DTLS.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-radext-radiusdtls-bis/



No IPR declarations have been submitted directly on this I-D.


The document contains these normative downward references.
See RFC 3967 for additional information: 
    rfc2866: RADIUS Accounting (Informational - Internet Engineering Task Force (IETF) stream)
    rfc5176: Dynamic Authorization Extensions to Remote Authentication Dial In User Service (RADIUS) (Informational - Internet Engineering Task Force (IETF) stream)
    rfc7585: Dynamic Peer Discovery for RADIUS/TLS and RADIUS/DTLS Based on the Network Access Identifier (NAI) (Experimental - Internet Engineering Task Force (IETF) stream)
    rfc7930: Larger Packets for RADIUS over TCP (Experimental - Internet Engineering Task Force (IETF) stream)
    rfc5997: Use of Status-Server Packets in the Remote Authentication Dial In User Service (RADIUS) Protocol (Informational - Internet Engineering Task Force (IETF) stream)

Last Call: <draft-ietf-radext-radiusdtls-bis-14.t… The IESG