RADSEC is next-generation RADIUS transport which relies on TCP and TLS for reliable and secure transport with integrity verification. Deployment of RADSEC will likely come in two phases: Initially the eduroam infrastructure will deploy RADSEC for infrastructure validation, in which case TLS replaces shared RADIUS secrets. The second-phase of RADSEC deployment will replace the current hierarchical structure of eduroam with a Peer-to-Peer model as outlined in this IETF working group document.
Currently RADSEC support is integrated into Radiator and FreeRADIUS support is forthcoming. To aid in integration of RADSEC with existing infrastructure the radsecproxy tool has been created by UNINETT (Norway) to provide RADSEC infrastructure while proxying to non-RADSEC aware RADIUS servers.