Authentication Authorisation Accounting ARCHitecture
Research Group (AAAARCH)

Chairs: John Vollbrecht and Cees de Laat
To subscribe:Send a message to with message body: subscribe aaaarch
Web site:

Membership :== open (in any language)
To join the group one is kindly asked to mail the chairs.
We do adopt a open mailing list, all discussions will be on the mailing list mentioned above.

A number of Internet Services require Authentication, Authorization, Accounting and Audit Support. The ietf AAA Working Group is chartered with defining short term requirements for a protocol that will support such services for NASREQ and MobileIP. The work of the ietf AAA group has shown that there are a number of areas where an AAA architecture would be helpful.

This RG will work to define a next generation AAA architecture that incorporates a set of interconnected "generic" AAA servers and an application interface that allows Application Specific Modules access to AAA functions.

The architecture's focus is to support AAA services that:

This activity grows from the work of the authorization team of the ietf AAA Working Group.  The authorization team has proposed an "AAA Authorization Framework" [2] illustrated with numerous application examples [3] which in turn motivates a proposed list of authorization requirements [4].  This RG will build on the Authorization framework presented in [2] and the "generic" AAA Authorization Architecture presented in [5].  It will also draw on the work of the Policy Framework Working Group as well as security and accounting working groups. It will also work to provide a reasonable transition from existing AAA protocols and from any "interim" protocol approved by the AAA working group.

This group will coordinate closely with the AAA-WG and will report in each IETF AAA-WG meeting.

Goals and Milestones:

  1. Weinrib A, Postel J, "IRTF Research Group Guidelines and Procedures", RFC 2014, BCP 8, October 1996.
  2. J. Vollbrecht et al, "AAA Authorization Framework", RFC 2904, Informational, August 2000.
  3. J. Vollbrecht et al, "AAA Authorization Application Examples", RFC 2905, Informational, August 2000.
  4.  S. Farrell et al, "AAA Authorization Requirements", RFC 2906, Informational, August 2000.
  5. C. de Laat et al, "Generic AAA Architecture", RFC 2903, Experimental, August 2000
  Original: CdL - dec 10th 1999
  Revised : CdL - may 30th 2001