RADIUS ALPN and removing MD5
draft-ietf-radext-radiusv11-10
Approval announcement
Draft of message to be sent after approval:
Announcement
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: The IESG <iesg@ietf.org>, draft-ietf-radext-radiusv11@ietf.org, mrcullen42@gmail.com, paul.wouters@aiven.io, radext-chairs@ietf.org, radext@ietf.org, rfc-editor@rfc-editor.org, rieckers@dfn.de, rieckers@uni-bremen.de
Subject: Document Action: 'RADIUS ALPN and removing MD5' to Experimental RFC (draft-ietf-radext-radiusv11-07.txt)
The IESG has approved the following document:
- 'RADIUS ALPN and removing MD5'
(draft-ietf-radext-radiusv11-07.txt) as Experimental RFC
This document is the product of the RADIUS EXTensions Working Group.
The IESG contact persons are Paul Wouters and Deb Cooley.
A URL of this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-radext-radiusv11/
Ballot Text
Technical Summary
This document defines Application-Layer Protocol Negotiation
Extensions for use with RADIUS/TLS and RADIUS/DTLS. These extensions
permit the negotiation of an additional application protocol for
RADIUS over (D)TLS. No changes are made to RADIUS/UDP or RADIUS/TCP.
The extensions allow the negotiation of a transport profile where the
RADIUS shared secret is no longer used, and all MD5-based packet
signing and attribute obfuscation methods are removed. When this
extension is used, the previous Authenticator field is repurposed to
contain an explicit request / response identifier, called a Token.
The Token also allows more than 256 packets to be outstanding on one
connection.
This extension can be seen as a transport profile for RADIUS, as it
is not an entirely new protocol. It uses the existing RADIUS packet
layout and attribute format without change. As such, it can carry
all present and future RADIUS attributes. Implementation of this
extension requires only minor changes to the protocol encoder and
decoder functionality. The protocol defined by this extension is
named "RADIUS version 1.1", or "RADIUS/1.1".
This document updates RFC5176, RFC6614, and RFC 7360.
Working Group Summary
Was there anything in the WG process that is worth noting?
For example, was there controversy about particular points
or were there decisions where the consensus was
particularly rough?
Document Quality
Are there existing implementations of the protocol? Have a
significant number of vendors indicated their plan to
implement the specification? Are there any reviewers that
merit special mention as having done a thorough review,
e.g., one that resulted in important changes or a
conclusion that the document had no substantive issues? If
there was a MIB Doctor, Media Type, or other Expert Review,
what was its course (briefly)? In the case of a Media Type
Review, on what date was the request posted?
Personnel
The Document Shepherd for this document is Jan-Frederik Rieckers. The
Responsible Area Director is Paul Wouters.
IANA Note
(Insert IANA Note here or remove section)
RFC Editor Note