RFC 7360
Datagram Transport Layer Security (DTLS) as a Transport Layer for RADIUS, September 2014
DOI: https://doi.org/10.17487/RFC7360
Discuss this RFC: Send questions or comments to the mailing list radext@ietf.org
Abstract
The RADIUS protocol defined in RFC 2865 has limited support for authentication and encryption of RADIUS packets. The protocol transports data in the clear, although some parts of the packets can have obfuscated content. Packets may be replayed verbatim by an attacker, and client-server authentication is based on fixed shared secrets. This document specifies how the Datagram Transport Layer Security (DTLS) protocol may be used as a fix for these problems. It also describes how implementations of this proposal can coexist with current RADIUS systems.