RadSec Protocol

What is RadSec?

RadSec stands for Secure RADIUS protocol. This is a protocol which implements the radius protocol on top of TLDv3 transport layer as defined in the ietf draft “draft-ietf-radext-radSec-12”. You can only use RadSec if your organisation is a member of the Belnet R&E Federation. Only research and education organisations can become a member of the R&E Federation. You also need to subscribe to the Belnet personal certificate service.

 

Trust as a basis

RadSec as hierarchical model provides a good trust relationship between each participant. With RadSec you need to transmit certificates between RADIUS servers. The certificates need to be conform with a certificate policy. The usage of this policy and related certificates ensures the trust relationship between all participants. Currently Belnet uses the eduPKI private key infrastructure to get the certifiactes for the top level .be RADIUS servers.