RFC 7360

Datagram Transport Layer Security (DTLS) as a Transport Layer for RADIUS, September 2014

Canonical URL:
File formats:
Plain TextPDF
A. DeKok
radext (ops)

Cite this RFC: TXT  |  XML

DOI:  http://dx.doi.org/10.17487/RFC7360

Discuss this RFC: Send questions or comments to radext@ietf.org

Other actions: Find Errata (if any)  |  Submit Errata  |  Find IPR Disclosures from the IETF


The RADIUS protocol defined in RFC 2865 has limited support for authentication and encryption of RADIUS packets. The protocol transports data in the clear, although some parts of the packets can have obfuscated content. Packets may be replayed verbatim by an attacker, and client-server authentication is based on fixed shared secrets. This document specifies how the Datagram Transport Layer Security (DTLS) protocol may be used as a fix for these problems. It also describes how implementations of this proposal can coexist with current RADIUS systems.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.

Download PDF Reader

Search RFCs
Advanced Search