RFC 2882 (rfc2882) - Page 2 of 16
Network Access Servers Requirements: Extended RADIUS Practices
Alternative Format: Original Text Document
RFC 2882 Extended RADIUS Practices July 2000
5.2 Authentication Modes . . . . . . . . . . . . . . . . . . . 8
5.3 Menus . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
5.4 Pseudo Users . . . . . . . . . . . . . . . . . . . . . . . 9
6. Resource Management . . . . . . . . . . . . . . . . . . . . 9
6.1 Managed Resources . . . . . . . . . . . . . . . . . . . . . 9
6.2 Resource Management Messages . . . . . . . . . . . . . . . 10
6.3 Concurrent Logins . . . . . . . . . . . . . . . . . . . . . 10
6.4 Authorization Changes . . . . . . . . . . . . . . . . . . . 11
7. Policy Services . . . . . . . . . . . . . . . . . . . . . . 11
8. Accounting Extensions . . . . . . . . . . . . . . . . . . . 12
8.1 Auditing/Activity . . . . . . . . . . . . . . . . . . . . . 12
9. Conclusions . . . . . . . . . . . . . . . . . . . . . . . . 12
10. Security Considerations . . . . . . . . . . . . . . . . . . 13
11. Implementation Documents . . . . . . . . . . . . . . . . . 13
11.1. Clients . . . . . . . . . . . . . . . . . . . . . . . . . 13
11.2. Servers . . . . . . . . . . . . . . . . . . . . . . . . . 14
12. References . . . . . . . . . . . . . . . . . . . . . . . . 14
13. Author's Address . . . . . . . . . . . . . . . . . . . . . 15
14. Full Copyright Statement . . . . . . . . . . . . . . . . . 16
1. Introduction
The RADIUS Working Group was formed in 1995 to document the protocol
of the same name, and was chartered to stay within a set of bounds
for dial-in terminal servers. Unfortunately the real world of
Network Access Servers (NASes) hasn't stayed that small and simple,
and continues to evolve at an amazing rate.
This document shows some of the current implementations on the market
have already outstripped the capabilities of the RADIUS protocol. A
quite a few features have been developed completely outside the
protocol. These features use the RADIUS protocol structure and
format, but employ operations and semantics well beyond the RFC
documents.
I learn of the details of these functions from reading industry
manuals and often have to respond to them in competive bid
specifications. As they become deployed in the field, they gather
the force of de-facto standards.
Because they have been done outside scope of the RFCs, they are
vendor specific, and introduce significant problems in offering an
interoperable product.
Mitton Informational