Browse Prior Art Database

Larger Packets for RADIUS over TCP (RFC7930)

IP.com Disclosure Number: IPCOM000247252D
Original Publication Date: 2016-Aug-01
Included in the Prior Art Database: 2016-Aug-18
Document File: 20 page(s) / 23K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

S. Hartman: AUTHOR

Abstract

The experiment with Remote Authentication Dial-In User Service (RADIUS) over Transport Layer Security (TLS) [RFC6614] provides strong confidentiality and integrity for RADIUS [RFC2865]. This enhanced security has opened new opportunities for using RADIUS to convey additional authorization information. As an example, [RFC7833] describes a mechanism for using RADIUS to carry Security Assertion Markup Language (SAML) messages in RADIUS. Many attributes carried in these SAML messages will require confidentiality or integrity such as that provided by TLS.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 12% of the total text.

Internet Engineering Task Force (IETF)                        S. Hartman Request for Comments: 7930                             Painless Security Updates: 6613                                                August 2016 Category: Experimental ISSN: 2070-1721

                    Larger Packets for RADIUS over TCP

Abstract

   The RADIUS-over-TLS experiment described in RFC 6614 has opened    RADIUS to new use cases where the 4096-octet maximum size limit of a    RADIUS packet proves problematic.  This specification extends the    RADIUS-over-TCP experiment (RFC 6613) to permit larger RADIUS    packets.  This specification compliments other ongoing work to permit    fragmentation of RADIUS authorization information.  This document    registers a new RADIUS code, an action that required IESG approval.

Status of This Memo

   This document is not an Internet Standards Track specification; it is    published for examination, experimental implementation, and    evaluation.

   This document defines an Experimental Protocol for the Internet    community.  This document is a product of the Internet Engineering    Task Force (IETF).  It represents the consensus of the IETF    community.  It has received public review and has been approved for    publication by the Internet Engineering Steering Group (IESG).  Not    all documents approved by the IESG are a candidate for any level of    Internet Standard; see Section 2 of RFC 7841.

   Information about the current status of this document, any errata,    and how to provide feedback on it may be obtained at    http://www.rfc-editor.org/info/rfc7930.

Hartman                       Experimental                      [Page 1]
 RFC 7930                  RADIUS Large Packets               August 2016

 Copyright Notice

   Copyright (c) 2016 IETF Trust and the persons identified as the    document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal    Provisions Relating to IETF Documents    (http://trustee.ietf.org/license-info) in effect on the date of    publication of this document.  Please review these documents    carefully, as they describe your rights and restrictions with respect    to this document.  Code Components extracted from this document must    include Simplified BSD License text as described in Section 4.e of    the Trust Legal Provisions and are provided without warranty as    described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3

     1.1.  Requirements Notation . . . . . . . . . . . . . . . . . .   3

   2.  Changes to Packet Processing  . . . . . . . . . . . . . . . .   4

 ...