back to article Happy 20th birthday to the RADIUS RFC

January 2017 marks the twentieth year since the birth of an important Internet Request for Comment – a then-new way to account for customer's use of their then dial-up services. It's been around for so long, El Reg would bet most people would need Google to tell them what RADIUS stands for – Remote Authentication Dial-in User …

20 years?

Cisco added support for RADIUS in February 1996 (IOS 11.1), and they were dragged there kicking and screaming as they preferred people to use their own TACACS (and later, TACACS+) protocols.

Perhaps my calculator is broken, but that sounds like more than 20 years to me...

I hope the birthday card you bought was a belated one.

2
0
(Written by Reg staff)

Re: 20 years?

Thanks; I've made a suitable change to the headline. RC

1
0

Re: 20 years?

Yes, RADIUS was more of a Livingston, then Ascend thing.

RADIUS lives on, most enterprises' WiFi and authenticated Ethernet rely on it, but it's successor DIAMETER (get it?) is the protocol that is replacing SS7 for telephony in the post-circuit era.

2
0
Bronze badge

Re: 20 years?

Most of the features in DIAMETER have been back ported into RADIUS, so there is little need to change to the new protocol

similar to what has happened to IPv4 since the IPv6 standard came out.

2
0

20 years my hairy fat arse

We (Demon) were using RADIUS on both Ascend, USRobotics (much less) and custom SunOS with SCSI bases serial ports for authentication well before then. We (again, not me, just we) were also syncing RADIUS databases using UUCP over TCP between multiple servers for PoPs and the like too. Sigh.

1
0

Stock photography

Please, please, please stop using stock photography for every single article! A project is X years old, so you've got a generic picture of some generic people having a shit birthday party.

Enough.

6
1

Re: Stock photography

Yes, we demand a new photograph for every 'project is X years old' story from now on with someone of the correct age.

I think that IBM is 106 this year.

1
0
Silver badge

Re: Stock photography

There is some relevance: The Birthday Cake. All that's needed was to show a bird's eye view of someone using a knife to cut from the centre to the perimeter.

1
0
WTF?

Re: Stock photography

On that note...

What the /hell/ is the guy on the left wearing on his face?

0
0

Or how about if there is no directly relevant image (e.g.: product photo or vendor/project logo) then my preference would be no image.

3
0

Radius's big hic

Unlikely Active Directory, the Radius can not prompt you to regularly change your password. In general an administrator manually puts the text in a users file. He emails it to you, and you never change it.

For switches/industrial equipment/company WiFi tablets/phones you want people to regularly change thier own passwords so you can see in logs who did what.

You can have Radius pass the validation task to an AD but then you are running a closed windows system because Radius is missing a very basic feature. Plus you are forced to use your Windows Office PC password for network/critical stuff.

Time for a rework for the next 20 years.

0
0
Bronze badge

Re: Radius's big hic

Ummmmm. No. RADIUS is a protocol. It does not need to handle password change requests. It is the supplicant on your device and the backend (like Active Directory) that should be able to handle password changes, *not* the protocol.

*eyeroll*

1
0

This post has been deleted by its author

" No. RADIUS is a protocol. It does not need to handle password change requests."

The Radius protocol is able to do lots, like send text replies. It is able to set your Ip addresses. It can set access lists on what an authorised account can do. It can cause a modem to call you back.

It has extendable vendor attributes, but you can not changer your password?... You have to talk to a separate back end via a different comms device to do this basic function.

You can see it is from a time when it was OK to not change passwords. Radius was to avoid you putting lots of live passwords into comms equipement configs.

0
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2017