Remote Authentication Dial-In User Service (radius) --------------------------------------------------- Charter Last Modified: 22-Mar-99 Current Status: Active Working Group Chair(s): Carl Rigney Operations and Management Area Director(s): Randy Bush Bert Wijnen Operations and Management Area Advisor: Randy Bush Mailing Lists: General Discussion:ietf-radius@livingston.com To Subscribe: ietf-radius-request@livingston.com In Body: subscribe ietf-radius Archive: ftp://ftp.livingston.com/pub/radius/archive Description of Working Group: Background: The original specification for and implementation of RADIUS was written by Steve Willens of Livingston Enterprises in response to a need outlined by the earlier NASREQ working group, and has been deployed by multiple vendors over the past 3 years. No other working group appears to be addressing the topic of communicating authentication and authorization information between a Network Access Server and a central authentication & authorization server, and general consensus is that standardization of such a protocol would be extremely useful. This working group will produce four documents: 1) By early '96, an informational RFC documenting the RADIUS protocol already deployed for use by a Network Access Server (NAS) to communicate with a remote Authentication & Authorization database server, with minor amendments reflecting field experience of several implementations over several years at hundreds of sites. 2) By February '96, an informational RFC describing RADIUS Accounting. 3) By early '97, a full standard RFC documenting the RADIUS protocol, addressing any operational or security issues raised concerning the informational RFC. This document will obsolete goal 1. (If the Internet-Draft for goal 1 is deemed suitable by the IESG for release as a Proposed Standard instead of informational, then goals 1 and 3 will be merged.) 4) Starting in February '96 and concluding in '97, a RADIUS Extensions RFC documenting extensions for additional functionality within the RADIUS framework, which will be interoperable with the base RADIUS defined in the document for goal 3. The intent in goals 1 through 3 are to document the protocol as it exists and is used currently, in such a way as to allow interoperable implementations to be written from the RFC. Minor modifications to enhance interoperability or operation based on field experience are suitable, major overhauls are outside the scope of this working group's charter. Goal 4 is to provide a mechanism for additional features deemed widely useful to be added to the existing framework, for example to provide better support for EAP. Clearly outside the scope of the charter are the following: 1) NAS Standardization is outside the scope. We're defining standard RADIUS, not a standard encompassing everything about network access servers. This effort does not require NASes to implement RADIUS; it just defines how the RADIUS Protocol works on NASes that do implement RADIUS. 2) RADIUS is not intended as a NAS management protocol; SNMP already exists for that. 3) Management of the Authentication/Authorization database itself is outside the scope. 4) Alternative transport protocols such as IPX or IPv6 appear straightforward, but will not be addressed in this effort. 5) The flexibility and generality of RADIUS have led to its use for other applications, but this Working Group is addressing only those uses involving user dial-in to Network Access Servers. Goals and Milestones: Done Meet at Dallas IETF. Done Submit revised Radius Accounting Internet-Draft. Done Submit revised Radius Internet-Draft. Jan 96 Submit Radius Accounting Internet-Draft to IESG for consideration as an Informational RFC. Jan 96 Submit Radius Internet-Draft to IESG for consideration as an Informational RFC. Feb 96 Submit Internet-Draft on Radius Extensions. Mar 96 Meet at LA IETF to deal with any pending issues on Radius or Radius Accounting Internet-Drafts. Apr 96 Submit Radius protocol Internet-Draft to IESG for consideration as a Proposed Standard. May 96 Submit revised Radius Extensions document as Internet-Draft. Nov 96 Submit Radius Protocol to IESG to be considered for elevation to Draft Standard. Internet-Drafts: Posted Revised I-D Title ------ ------- ------------------------------------------ Nov 96 Oct 98 Implementation of L2TP Compulsory Tunneling via RADIUS Nov 96 Aug 99 RADIUS Attributes for Tunnel Protocol Support Jan 97 May 98 Extensible Authentication Protocol Support in RADIUS Jan 97 May 99 RADIUS Extensions Jul 97 Jan 98 RADIUS Accounting Interim Accounting Record Extension Nov 97 Nov 97 RADIUS Attributes for MS-CHAP Support Dec 97 Apr 99 RADIUS Accounting Modifications for Tunnel Protocol Support Feb 98 Feb 98 RADIUS Attributes for Multilink PPP Banwidth Allocation Control Feb 98 Feb 98 RADIUS Attributes for Multilink PPP Banwidth Allocation Control Apr 98 New Support for Mobile IP in RADIUS Mar 99 May 99 Remote Authentication Dial In User Service (RADIUS) Mar 99 May 99 RADIUS Accounting Request For Comments: RFC Stat Published Title ------- -- ---------- ----------------------------------------- RFC2139 Apr 97 RADIUS Accounting RFC2138 PS Apr 97 Remote Authentication Dial In User Service (RADIUS) RFC2548 Mar 99 Microsoft Vendor-specific RADIUS Attributes RFC2619 PS Jun 99 RADIUS Authentication Server MIB RFC2620 Jun 99 RADIUS Accounting Client MIB RFC2621 Jun 99 RADIUS Accounting Server MIB RFC2618 PS Jun 99 RADIUS Authentication Client MIB