Happy 20th birthday to the RADIUS RFC

In January 1997, the Internet learned to count


January 2017 marks the twentieth year since the birth of an important Internet Request for Comment – a then-new way to account for customer's use of their then dial-up services.

It's been around for so long, El Reg would bet most people would need Google to tell them what RADIUS stands for – Remote Authentication Dial-in User Service, RFC 2058, here, and its accompanying RADIUS Accounting, RFC 2059, here.

At the time, something was desperately needed: the most popular authentication protocol then was PAP (Password Authentication Protocol), which transmitted credentials in the clear; or CHAP (Challenge Handshake Authentication Protocol), which at least used MD5 hashes. The latter eventually evolved into EAP, the Extensible Authentication Protocol – and RADIUS's authors realised from the start that interop with its predecessors would be a good idea.

(Not to mention, of course, Unix logins, which was the first ISP login this author saw).

And its companion, RADIUS Accounting, called on the user database RADIUS used to get rid of the “significant administrative support” needed to charge users, and to deliver the right services to them; the examples listed in the RFC include SLIP, PPP, telnet, rlogin, which by now should look quaint but doesn't.

Both RFCs were quickly rewritten – by April 1997, the original RADIUS and RADIUS Accounting were obsoleted by RFCs 2138 and 2139; these were updated to RFCs 2865 and 2866 in 2000.

RADIUS has become the default for ISP operations, in no small part because Cisco quickly adopted it, and it remains a staple and one of the IETF's most important RFCs. ®

Bootnote: The anniversary in question is the RFC. Thanks to the commentard who pointed out implementations existed prior to the RFC's publication. The start of the standardisation process is still worth noting - along with the importance of RADIUS. ®

Biting the hand that feeds IT © 1998–2018