Skip to content

radext-wg/draft-ietf-radext-radiusv11

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

89 Commits
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
draft-ietf-radext-radiusv11.md
draft-ietf-radext-radiusv11.md
 
 

Repository files navigation

RADIUS/(D)TLS Version 1.1.

This document defines RADIUS version 1.1. It is a transport profile for RADIUS which requires TLS, and does not use MD5 for packet signing or encrypting attributes.

Its is fully compatible with normal RADIUS, and can transport all RADIUS attributes, including CHAP, MS-CHAP, etc.

This document is for the IETF RADEXT WG http://datatracker.ietf.org/wg/radext

The IETF datatracker page for this document is https://datatracker.ietf.org/doc/draft-dekok-radext-radiusv11/

RADIUS and FIPS-140

Historical RADIUS over UDP is not FIPS compatible. This version can be used in a FIPS compatible environment.

Interoperability

GPLv2 code for this implementation is available at https://github.com/FreeRADIUS/freeradius-server/tree/v3.2.x

You will need to pass an extra option when building it:

./configure --with-radiusv11

In order to use it, the following configurations have to be updated:

client foo {
	...
	radiusv1_1 = allow
}
...

home_server bar {
	...
	tls {
		...
		radiusv1_1 = allow
	}
}
...

listen {
	...
	tls {
		...
		radiusv1_1 = allow
	}
}

About

RADIUS Version 1.1

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

16 tags

Packages

 
 
 

Contributors 3

  •  
  •  
  •  

Languages