RADIUS ALPN and removing MD5
draft-ietf-radext-radiusv11-10

• Status
• IESG evaluation record
• IESG writeups
• Email expansions
• History

Approval announcement
Draft of message to be sent after approval:

Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: The IESG <iesg@ietf.org>, draft-ietf-radext-radiusv11@ietf.org, mrcullen42@gmail.com, paul.wouters@aiven.io, radext-chairs@ietf.org, radext@ietf.org, rfc-editor@rfc-editor.org, rieckers@dfn.de, rieckers@uni-bremen.de
Subject: Document Action: 'RADIUS ALPN and removing MD5' to Experimental RFC (draft-ietf-radext-radiusv11-07.txt)

The IESG has approved the following document:
- 'RADIUS ALPN and removing MD5'
  (draft-ietf-radext-radiusv11-07.txt) as Experimental RFC

This document is the product of the RADIUS EXTensions Working Group.

The IESG contact persons are Paul Wouters and Deb Cooley.

A URL of this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-radext-radiusv11/

Ballot Text

Technical Summary

   This document defines Application-Layer Protocol Negotiation
   Extensions for use with RADIUS/TLS and RADIUS/DTLS.  These extensions
   permit the negotiation of an additional application protocol for
   RADIUS over (D)TLS.  No changes are made to RADIUS/UDP or RADIUS/TCP.
   The extensions allow the negotiation of a transport profile where the
   RADIUS shared secret is no longer used, and all MD5-based packet
   signing and attribute obfuscation methods are removed.  When this
   extension is used, the previous Authenticator field is repurposed to
   contain an explicit request / response identifier, called a Token.
   The Token also allows more than 256 packets to be outstanding on one
   connection.

   This extension can be seen as a transport profile for RADIUS, as it
   is not an entirely new protocol.  It uses the existing RADIUS packet
   layout and attribute format without change.  As such, it can carry
   all present and future RADIUS attributes.  Implementation of this
   extension requires only minor changes to the protocol encoder and
   decoder functionality.  The protocol defined by this extension is
   named "RADIUS version 1.1", or "RADIUS/1.1".

   This document updates RFC5176, RFC6614, and RFC 7360.

Working Group Summary

   Was there anything in the WG process that is worth noting?
   For example, was there controversy about particular points 
   or were there decisions where the consensus was
   particularly rough? 

Document Quality

   Are there existing implementations of the protocol?  Have a 
   significant number of vendors indicated their plan to
   implement the specification?  Are there any reviewers that
   merit special mention as having done a thorough review,
   e.g., one that resulted in important changes or a
   conclusion that the document had no substantive issues?  If
   there was a MIB Doctor, Media Type, or other Expert Review,
   what was its course (briefly)?  In the case of a Media Type
   Review, on what date was the request posted?

Personnel

   The Document Shepherd for this document is Jan-Frederik Rieckers. The
   Responsible Area Director is Paul Wouters.

IANA Note

  (Insert IANA Note here or remove section)

RFC Editor Note