Browse Prior Art Database

Dynamic Authorization Extensions to Remote Authentication Dial In User Service (RADIUS) (RFC3576)

IP.com Disclosure Number: IPCOM000018644D
Original Publication Date: 2003-Jul-01
Included in the Prior Art Database: 2003-Jul-30
Document File: 31 page(s) / 70K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

M. Chiba: AUTHOR [+5]

Abstract

This document describes a currently deployed extension to the Remote Authentication Dial In User Service (RADIUS) protocol, allowing dynamic changes to a user session, as implemented by network access server products. This includes support for disconnecting users and changing authorizations applicable to a user session.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 4% of the total text.

Network Working Group� � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � M. Chiba

Request for Comments: 3576� � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � G. Dommety

Category: Informational� � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � M. Eklund

� � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � Cisco Systems, Inc.

� � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � D. Mitton

� � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � Circular Logic, UnLtd.

� � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � B. Aboba

� � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � Microsoft Corporation

� � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � July 2003

� � � � � � � � � � � � � Dynamic Authorization Extensions to Remote

� � � � � � � � � � � � � Authentication Dial In User Service (RADIUS)

Status of this Memo

� � This memo provides information for the Internet community.� It does

� � not specify an Internet standard of any kind.� Distribution of this

� � memo is unlimited.

Copyright Notice

� � Copyright (C) The Internet Society (2003).� All Rights Reserved.

Abstract

� � This document describes a currently deployed extension to the Remote

� � Authentication Dial In User Service (RADIUS) protocol, allowing

� � dynamic changes to a user session, as implemented by network access

� � server products.� This includes support for disconnecting users and

� � changing authorizations applicable to a user session.

Chiba, et al.� � � � � � � � � � � � � � � Informational� � � � � � � � � � � � � � � � � � � � � [Page 1]

RFC 3576� � � � � � Dynamic Authorization Extensions to RADIUS� � � � � July 2003

Table of Contents

� � 1.� Introduction . . . . . . . . . . . . . . . . . . . . . . . . .� 3

� � � � � � 1.1.� Applicability. . . . . . . . . . . . . . . . . . . . . .� 3

� � � � � � 1.2.� Requirements Language� . . . . . . . . . . . . . . . . .� 5

� � � � � � 1.3.� Terminology. . . . . . . . . . . . . . . . . . . . . . .� 5

� � 2.� Overview . . . . . . . . . . . . . . . . . . . . . . . . . . .� 5

� � � � � � 2.1.� Disconnect Messages (DM) . . . . . . . . . . . . . . . .� 5

� � � � � � 2.2.� Change-of-Authorization Messages (CoA) . . . . . . . . .� 6

� � � � � � 2.3.� Packet Format. . . . . . . . . . . . . . . . . . . . . .� 7

� � 3.� Attributes . . . . . . . . . . . . . . . . . . . . . . . . . . 11

� � � � � � 3.1.� Error-Cause. . . . . . . . . . . . . . . . . . . . . . . 13

� � � � � � 3.2.� Table of Attributes. . . . . . . . . . . . . . . . . . . 16

� � 4.� IANA Considerations. . . . . . . . . . . . . . . . . . . . . . 20

�...