Network Access Server Requirements (nasreq)
-------------------------------------------

 Charter
 Last Modified: 2002-03-14

 Current Status: Active Working Group

 Chair(s):
     David Mitton  <david@mitton.com>
     Mark Beadles  <mbeadles@smartpipes.com>

 Operations and Management Area Director(s):
     Randy Bush  <randy@psg.com>
     Bert Wijnen  <bwijnen@lucent.com>

 Operations and Management Area Advisor:
     Randy Bush  <randy@psg.com>

 Editor(s):
     Bernard Aboba  <aboba@internaut.com>

 Mailing Lists: 
     General Discussion:nasreq@ops.ietf.org
     To Subscribe:      nasreq-request@ops.ietf.org
         In Body:       (un)subscribe
     Archive:           http://ops.ietf.org/lists/nasreq/

Description of Working Group:

The purpose of this group is to gather and process the requirements of
modern Network Access Servers (NAS) with respect to user-based service
Authentication, Authorization, and usage Accounting. Services being
considered go beyond simple dial-in access, and include Virtual Private
Network support, smart authentication methods, and roaming concerns.
The common thread is demand-based dynamic services requested within a
user authentication model, viewing the NAS as a tool for implementing
network policy and security.

The RADIUS protocol was developed in response to the previous incar-
nation of the Network Access Servers Requirements (NASREQ) BOFs.  The
protocol was a simple but flexible solution to many of the require-
ments in terminal and network access servers at the time.  The RADIUS
Working Group is about to conclude its work on the basic protocol, but
NAS development continues at a rapid pace, and implementations are
trying to use more standards now than when RADIUS began. As we add
more services to NAS boxes, the RADIUS protocol is often stretched and
bent well beyond the original design goals, and often fails to deliver
the desired reliability, functionality, or security.

As NAS installations become larger and more complex, and as NAS services
are virtualized in other servers, the services being authorized require
more sophisticated mechanisms for coordinating policy and resource state
across multiple systems and servers.

The group will work closely with other Working Groups (including 
roamops, pppext, policy, et al.), to serve as input for the group's 
requirements and to identify candidate protocols which may meet those 
requirements.

This group will document all of the current requirements for services
which fully meet the needs of modern and next generation NAS systems.


Goals and Work items:

        The first goal of the group will be to collect and organize
        functional requirements.  The focus of the requirements will
        center on NAS user authorization.  Functions provided adequately
        by other standardized protocols will be documented as such.
        Requirements will be generated by the members of the BOF/WG,
        with input from the RADIUS WG, the RoamOps WG, the AAA BOF/WG,
        and other groups as required.  The output of this effort will
        be an informational requirements document.

        In parallel, another document will be a survey of the current
        practices that NAS vendors and deployers are engaging in to
        provide similar services, using extensions to RADIUS or pro-
        prietary protocols. The output will become an informational
        survey document.

        The group will review current draft work on RADIUS extension or
        successor protocols and determine their suitability to meeting
        the WG's requirements. The output of this effort will be an
        informational document detailing the evaluation and
        recommendations.

        The charter of the group will be reviewed at that time, and
        adjusted according to any new work items and directions.

 Goals and Milestones:

   Done         Submit first draft of requirements as an Internet-Draft 

   Done         Submit first draft of practices as an Internet-Draft 

   Done         Submit practices document to IESG requesting publication as an 
                RFC 

   Done         Submit requirements document to IESG requesting publication as 
                an RFC 

   Done         Meet at DC IETF (Decide on recommendations for final document) 

   Jan 00       Review/update WG charter 


 Internet-Drafts:

  No Current Internet-Drafts.

 Request For Comments:

  RFC   Stat Published     Title
------- -- ----------- ------------------------------------
RFC2058 PS   Jan 97    Remote Authentication Dial In User Service (RADIUS) 

RFC2882 I    Aug 00    Network Access Servers Requirements: Extended RADIUS 
                       Practices 

RFC2881 I    Aug 00    Network Access Server Requirements Next Generation 
                       (NASREQNG)NAS Model 

RFC3169 I    Sep 01    Criteria for Evaluating Network Access Server Protocols