RFC 9765
RADIUS/1.1: Leveraging Application-Layer Protocol Negotiation (ALPN) to Remove MD5, April 2025
- File formats:
- Also available: XML file for editing
- Status:
- EXPERIMENTAL
- Updates:
- RFC 2865, RFC 2866, RFC 5176, RFC 6613, RFC 6614, RFC 7360
- Author:
- A. DeKok
- Stream:
- IETF
- Source:
- radext (sec)
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC9765
Discuss this RFC: Send questions or comments to the mailing list radext@ietf.org
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 9765
Abstract
This document defines Application-Layer Protocol Negotiation (ALPN) extensions for use with RADIUS/TLS and RADIUS/DTLS. These extensions permit the negotiation of an application protocol variant of RADIUS called "RADIUS/1.1". No changes are made to RADIUS/UDP or RADIUS/TCP. The extensions allow the negotiation of a transport profile where the RADIUS shared secret is no longer used, and all MD5-based packet authentication and attribute obfuscation methods are removed.
This document updates RFCs 2865, 2866, 5176, 6613, 6614, and 7360.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.