[radext] I-D Action: draft-ietf-radext-radiusv11-04.txt
internet-drafts@ietf.org Mon, 26 February 2024 19:24 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: radext@ietf.org
Delivered-To: radext@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 15043C151557; Mon, 26 Feb 2024 11:24:49 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Cc: radext@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.6.1
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: radext@ietf.org
Message-ID: <170897548906.9314.17831962914960669201@ietfa.amsl.com>
Date: Mon, 26 Feb 2024 11:24:49 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/vOxIZffAasoOXoodIwwmQumTRu0>
Subject: [radext] I-D Action: draft-ietf-radext-radiusv11-04.txt
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.39
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/radext/>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Feb 2024 19:24:49 -0000
Internet-Draft draft-ietf-radext-radiusv11-04.txt is now available. It is a work item of the RADIUS EXTensions (RADEXT) WG of the IETF. Title: RADIUS ALPN and removing MD5 Author: Alan DeKok Name: draft-ietf-radext-radiusv11-04.txt Pages: 38 Dates: 2024-02-26 Abstract: This document defines Application-Layer Protocol Negotiation Extensions for use with RADIUS/TLS and RADIUS/DTLS. These extensions permit the negotiation of an additional application protocol for RADIUS over (D)TLS. No changes are made to RADIUS/UDP or RADIUS/TCP. The extensions allow the negotiation of a transport profile where the RADIUS shared secret is no longer used, and all MD5-based packet signing and attribute obfuscation methods are removed. When this extension is used, the previous Authenticator field is repurposed to contain an explicit request / response identifier, called a Token. The Token also allows more than 256 packets to be outstanding on one connection. This extension can be seen as a transport profile for RADIUS, as it is not an entirely new protocol. It uses the existing RADIUS packet layout and attribute format without change. As such, it can carry all present and future RADIUS attributes. Implementation of this extension requires only minor changes to the protocol encoder and decoder functionality. The protocol defined by this extension is named "RADIUS version 1.1", or "RADIUS/1.1". The IETF datatracker status page for this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-radext-radiusv11/ There is also an HTML version available at: https://www.ietf.org/archive/id/draft-ietf-radext-radiusv11-04.html A diff from the previous version is available at: https://author-tools.ietf.org/iddiff?url2=draft-ietf-radext-radiusv11-04 Internet-Drafts are also available by rsync at: rsync.ietf.org::internet-drafts
- [radext] I-D Action: draft-ietf-radext-radiusv11-… internet-drafts