Dynamic Authorization Proxying in the Remote Authentication Dial-In User Service (RADIUS) Protocol, April 2019
- File formats:
- PROPOSED STANDARD
- RFC 5176, RFC 5580
- A. DeKok
- radext (sec)
Discuss this RFC: Send questions or comments to the mailing list [email protected]
RFC 5176 defines Change-of-Authorization (CoA) and Disconnect Message (DM) behavior for RADIUS. RFC 5176 also suggests that proxying these messages is possible, but it does not provide guidance as to how that is done. This specification updates RFC 5176 to correct that omission for scenarios where networks use realm-based proxying as defined in RFC 7542. This specification also updates RFC 5580 to allow the Operator-Name attribute in CoA-Request and Disconnect-Request packets.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.