The growth in devices is being accompanied by continued growth in the number of Wi-Fi hotspots. Earlier work by the WBA has identified the use of RadSec, a protocol defined by the IETF in RFC 6614 for transporting RADIUS datagrams over TLS, coupled with a Public Key Infrastructure (PKI), for automating the security of these TLS sessions, as an alternative to the conventional WRIX approach.

With the growth of Wi-Fi interoperability and Wi-Fi roaming services, more service, network and identity providers are looking to build roaming businesses for which an easy and fast method to scale up interconnections is key.

RadSec certificate-based interconnection, through the WBA Public Key Infrastructure (PKI), provides a secure, simpler and less manual method to establish peer interconnection.

The  document, “PKI RadSec – Operator Deployment Guidelines” provide guidelines for implementing RADIUS interconnections using RadSec coupled with WBA’s PKI. These guidelines will act as a roadmap that will help planners and systems engineers ensure that RadSec installations go smoothly and efficiently. Adherence to the practices defined will also allow for a more standardized configuration approach and allow for consistent interconnections. This work complements the already released “End-Entity Deployment Guidelines” document, which provides guidance for organizations with Wi-Fi footprint and/or subscribers who intend to deploy WBA’s interoperable Public Keying Infrastructure (PKI) RadSec security service.

The PKI-RadSec Documentation are fully accessible for WBA members only. If you are a WBA Member, please access the WBA Extranet to download PKI-RadSec Documentation, including the WBA PKI Certificate Policy, End-Entity Deployment Guidelines and PKI RadSec – Operator Deployment Guidelines.

The PKI RadSec – Operator Deployment Guidelines is brought to you by WBA Roaming Evolution group.

Please contact us to find out more about the full document available to WBA members.

DOWNLOAD