Re: [radext] Fwd: RFC 7360 on Datagram Transport Layer Security (DTLS) as a Transport Layer for RADIUS

"Leaf Yeh" <> Fri, 05 September 2014 08:59 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 528501A0487 for <>; Fri, 5 Sep 2014 01:59:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id HV53S8Pr45Pa for <>; Fri, 5 Sep 2014 01:59:23 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4001:c03::231]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 1E1C81A0478 for <>; Fri, 5 Sep 2014 01:59:23 -0700 (PDT)
Received: by with SMTP id at20so890530iec.36 for <>; Fri, 05 Sep 2014 01:59:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=message-id:from:to:references:in-reply-to:subject:date:mime-version :content-type:thread-index:content-language; bh=SgYW8i5ndvB0+WlYD+lCNTAYtkR3qb4IWC9d58cfTU8=; b=Moi44XbO6uy2nMEhu1Dkn9Au74p/yjYwcbn6xBohEk0apBkx4kkB54T2mV11I1T8BI /UUlYJeX4MsG4b87H/QSMiPnPxEALsDPOoKk2Uhnvb8e7ge4MZOc6BY+hlVuQIHdgfEO wPKd6Jkiesn4NMroYwaYFFZBnxjLcHpT4wda6ULJ+2+/NECXcMG5GCXKsjY8TkOvwCm+ zGuwyJ6tEU17fYCy91vG/98GWBNsbKQWQHHKBZCxqO8DkSjeVd9woOzONLwSatIhAbDJ vLDLTUXQL6sFR12oTcIq8GqFTuaM6fMYD1siWsMEREq7ixghhVryJ0jblZuig8AOi05I 8ZmQ==
X-Received: by with SMTP id qk10mr19080374pac.70.1409907560790; Fri, 05 Sep 2014 01:59:20 -0700 (PDT)
Received: from PC ([]) by with ESMTPSA id gr5sm1223012pbc.33.2014. for <> (version=TLSv1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 05 Sep 2014 01:59:20 -0700 (PDT)
Message-ID: <>
X-Google-Original-Message-ID: <001d01cfc8e7$82464e80$86d2eb80$>
From: "Leaf Yeh" <>
To: <>
References: <> <>
In-Reply-To: <>
Date: Fri, 5 Sep 2014 16:58:03 +0800
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_001E_01CFC92A.90698E80"
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: Ac/I5cvX5XriyltFRgy35LLDmpRYOAAAZo5w
Content-Language: zh-cn
Subject: Re: [radext] Fwd: RFC 7360 on Datagram Transport Layer Security (DTLS) as a Transport Layer for RADIUS
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 05 Sep 2014 08:59:25 -0000






Best Regards,





From: radext [] On Behalf Of Jouni
Sent: Friday, September 05, 2014 4:45 PM
Subject: [radext] Fwd: RFC 7360 on Datagram Transport Layer Security (DTLS) as a Transport Layer for RADIUS


Congratulations to Alan and the WG for completing this RFC. 


Jouni Korhonen



(Sent from my mobile..)

Välitetty viesti:

Päiväys: 5. syyskuuta 2014 3.29.58 UTC+3
Aihe: [radext] RFC 7360 on Datagram Transport Layer Security (DTLS) as a Transport Layer for RADIUS

A new Request for Comments is now available in online RFC libraries.

       RFC 7360

       Title:      Datagram Transport Layer Security (DTLS) 
                   as a Transport Layer for RADIUS 
       Author:     A. DeKok
       Status:     Experimental
       Stream:     IETF
       Date:       September 2014
       Pages:      27
       Characters: 60007
       Updates/Obsoletes/SeeAlso:   None

       I-D Tag:    draft-ietf-radext-dtls-13.txt


The RADIUS protocol defined in RFC 2865 has limited support for
authentication and encryption of RADIUS packets.  The protocol
transports data in the clear, although some parts of the packets can
have obfuscated content.  Packets may be replayed verbatim by an
attacker, and client-server authentication is based on fixed shared
secrets.  This document specifies how the Datagram Transport Layer
Security (DTLS) protocol may be used as a fix for these problems.  It
also describes how implementations of this proposal can coexist with
current RADIUS systems.

This document is a product of the RADIUS EXTensions Working Group of the IETF.

EXPERIMENTAL: This memo defines an Experimental Protocol for the
Internet community.  It does not specify an Internet standard of any
kind. Discussion and suggestions for improvement are requested.
Distribution of this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see

For searching the RFC series, see
For downloading RFCs, see

Requests for special distribution should be addressed to either the
author of the RFC in question, or to  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.

The RFC Editor Team
Association Management Solutions, LLC

radext mailing list