draft-ietf-radext-fixes-02.txt   draft-ietf-radext-fixes-03.txt 
Network Working Group David Nelson Network Working Group David Nelson
INTERNET-DRAFT Individual contributor INTERNET-DRAFT Elbrys Networks, Inc
Updates: 2865, 2866, 2869, 3579 Alan DeKok Updates: 2865, 2866, 2869, 3579 Alan DeKok
Category: Proposed Standard FreeRADIUS Category: Proposed Standard FreeRADIUS
<draft-ietf-radext-fixes-02.txt> <draft-ietf-radext-fixes-03.txt>
Expires: September 10, 2007
Common RADIUS Implementation Issues and Suggested Fixes Common RADIUS Implementation Issues and Suggested Fixes
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
skipping to change at page 1, line 31 skipping to change at page 1, line 32
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on August 14, 2007. This Internet-Draft will expire on September 10, 2007.
Copyright Notice Copyright Notice
Copyright (C) The IETF Trust (2007). Copyright (C) The IETF Trust (2007).
Abstract Abstract
This document describes common issues seen in RADIUS implementations This document describes common issues seen in RADIUS implementations
and suggests some fixes. Where applicable, ambiguities and errors in and suggests some fixes. Where applicable, ambiguities and errors in
previous RADIUS specifications are clarified. previous RADIUS specifications are clarified.
skipping to change at page 20, line 20 skipping to change at page 20, line 20
4. Security Considerations 4. Security Considerations
Since this document describes the use of RADIUS for purposes of Since this document describes the use of RADIUS for purposes of
authentication, authorization, and accounting in WLANs, it is authentication, authorization, and accounting in WLANs, it is
vulnerable to all of the threats that are present in other RADIUS vulnerable to all of the threats that are present in other RADIUS
applications. For a discussion of these threats, see [RFC2865], applications. For a discussion of these threats, see [RFC2865],
[RFC2607], [RFC3162], [RFC3579], and [RFC3580]. [RFC2607], [RFC3162], [RFC3579], and [RFC3580].
5. References 5. References
5.1. Normative references. 5.1. Normative references
[RFC2865] [RFC2865]
Rigney, C., Rubens, A., Simpson, W. and S. Willens, "Remote Rigney, C., Rubens, A., Simpson, W. and S. Willens, "Remote
Authentication Dial In User Service (RADIUS)", RFC 2865, June 2000. Authentication Dial In User Service (RADIUS)", RFC 2865, June 2000.
[RFC2866]
Rigney, C., "RADIUS Accounting", RFC 2866, June 2000.
[RFC2869]
Rigney, C., Willats, W. and P. Calhoun, "RADIUS Extensions", RFC
2869, June 2000.
[RFC3579]
Aboba, B. and P. Calhoun, "RADIUS Support for Extensible
Authentication Protocol (EAP)", RFC 3579, September 2003.
[PREFIX] [PREFIX]
Salowey, J., Droms., R, "RADIUS Delegated-IPv6-Prefix Attribute", Salowey, J., Droms., R, "RADIUS Delegated-IPv6-Prefix Attribute",
drafty-ietf-radext-delegated-prefix-05.txt, October, 2006. drafty-ietf-radext-delegated-prefix-05.txt, October, 2006.
5.2. Informative references. 5.2. Informative references
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", RFC 2119, March, 1997. Requirement Levels", RFC 2119, March, 1997.
[RFC2462] Thomson, S. and T. Narten, "IPv6 Stateless Address [RFC2462] Thomson, S. and T. Narten, "IPv6 Stateless Address
Autoconfiguration", RFC 2462, December 1998. Autoconfiguration", RFC 2462, December 1998.
[RFC2607] Aboba, B. and J. Vollbrecht, "Proxy Chaining and Policy [RFC2607] Aboba, B. and J. Vollbrecht, "Proxy Chaining and Policy
Implementation in Roaming", RFC 2607, June 1999. Implementation in Roaming", RFC 2607, June 1999.
[RFC2618] Aboba, B. and G. Zorn, "RADIUS Authentication Client MIB", RFC [RFC2618] Aboba, B. and G. Zorn, "RADIUS Authentication Client MIB", RFC
2618, June 1999. 2618, June 1999.
[RFC2866] Rigney, C., "RADIUS Accounting", RFC 2866, June 2000.
[RFC2869] Rigney, C., Willats, W. and P. Calhoun, "RADIUS Extensions",
RFC 2869, June 2000.
[RFC3162] Aboba, B., Zorn, G. and D. Mitton, "RADIUS and IPv6", RFC [RFC3162] Aboba, B., Zorn, G. and D. Mitton, "RADIUS and IPv6", RFC
3162, August 2001. 3162, August 2001.
[RFC3579] Aboba, B. and P. Calhoun, "RADIUS Support for Extensible
Authentication Protocol (EAP)", RFC 3579, September 2003.
[RFC3580] Congdon, P., Aboba, B., Smith, A., Zorn, G. and J. Roese, [RFC3580] Congdon, P., Aboba, B., Smith, A., Zorn, G. and J. Roese,
"IEEE 802.1X Remote Authentication Dial In User Service "IEEE 802.1X Remote Authentication Dial In User Service
(RADIUS) Usage Guidelines", RFC 3580, September 2003. (RADIUS) Usage Guidelines", RFC 3580, September 2003.
[RFC3748] Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J. and H. [RFC3748] Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J. and H.
Levkowetz, "Extensible Authentication Protocol (EAP)", RFC Levkowetz, "Extensible Authentication Protocol (EAP)", RFC
3748, June 2004. 3748, June 2004.
[RFC3927] Cheshire, S., Aboba, B. and E. Guttman, "Dynamic Configuration [RFC3927] Cheshire, S., Aboba, B. and E. Guttman, "Dynamic Configuration
of IPv4 Link-Local Addresses", RFC 3927, May 2005. of IPv4 Link-Local Addresses", RFC 3927, May 2005.
skipping to change at page 21, line 51 skipping to change at page 21, line 48
The alternate algorithm to [RFC3579] Section 2.6.1 that is described The alternate algorithm to [RFC3579] Section 2.6.1 that is described
in section 2.1.2 of this document was designed by Raghu Dendukuri. in section 2.1.2 of this document was designed by Raghu Dendukuri.
David Nelson wishes to acknowledge the support of Enterasys Networks, David Nelson wishes to acknowledge the support of Enterasys Networks,
where he was employed during much of the work on this document. where he was employed during much of the work on this document.
Authors' Addresses Authors' Addresses
David B. Nelson David B. Nelson
(Independent contributor) Elbrys Networks, Inc.
72 Old Chester Road 75 Rochester Ave., Unit 3
Derry, NH 03038 Portsmouth N.H. 03801 USA
Phone: +1.603.570.2636
Email: d.b.nelson@comcast.net Email: d.b.nelson@comcast.net
Alan DeKok Alan DeKok
The FreeRADIUS Server Project The FreeRADIUS Server Project
http://freeradius.org/ http://freeradius.org/
Email: aland@freeradius.org Email: aland@freeradius.org
Intellectual Property Statement Intellectual Property Statement
 End of changes. 10 change blocks. 
19 lines changed or deleted 18 lines changed or added

This html diff was produced by rfcdiff 1.33. The latest version is available from http://tools.ietf.org/tools/rfcdiff/