3GPP IMS Option for IKEv2
draft-gundavelli-ipsecme-3gpp-ims-options-00
The information below is for an old version of the document.
Document | Type | This is an older version of an Internet-Draft that was ultimately published as RFC 7651. |
---|---|---|
 | Authors | Aeneas Noble, Sri Gundavelli, Jouni Korhonen, Florin Baboescu |
 | Last updated | 2013-02-18 |
 | RFC stream | (None) |
 | IETF conflict review | conflict-review-gundavelli-ipsecme-3gpp-ims-options |
Stream | Stream state | (No stream defined) |
 | Consensus boilerplate | Unknown |
 | RFC Editor Note | (None) |
IESG | IESG state | Became RFC 7651 (Informational) |
 | Telechat date | (None) |
 | Responsible AD | (None) |
 | Send notices to | (None) |
Internet-Draft          3GPP IMS Option for IKEv2          February 2013

   shown below.

        Client      Gateway
       --------    ---------

     HDR(IKE_SA_INIT), SAi1, KEi, Ni  -->

                       <--  HDR(IKE_SA_INIT), SAr1, KEr, Nr, [CERTREQ]

     HDR(IKE_AUTH),
     SK { IDi, CERT, [CERTREQ], AUTH, [IDr],
          CP(CFG_REQUEST) =
             { INTERNAL_IP4_ADDRESS(),
               INTERNAL_IP4_DNS(),
               P-CSCF_IP4_ADDRESS,
               P-CSCF_IP6_ADDRESS },
          SAi2,
          TSi = (0, 0-65535, 0.0.0.0-255.255.255.255),
          TSr = (0, 0-65535, 0.0.0.0-255.255.255.255) }  -->

                       <--  HDR(IKE_AUTH),
                            SK { IDr, CERT, AUTH,
                                 CP(CFG_REPLY) =
                                  { INTERNAL_IP4_ADDRESS(192.0.2.234),
                                    P-CSCF_IP4_ADDRESS,
                                    P-CSCF_IP6_ADDRESS,
                                    INTERNAL_IP4_DNS(198.51.100.33) },
                                 SAr2,
                                 TSi = (0, 0-65535, 192.0.2.234-192.0.2.234),
                                 TSr = (0, 0-65535, 0.0.0.0-255.255.255.255) }

                  Figure 4: P-CSCF Attribute Exchange

6.  IANA Considerations

   This document requires the following two IANA actions.

   o  Action-1: This specification defines a new IKEv2 attribute for
      carrying the IPv4 address of the P-CSCF function.  This attribute
      is defined in Section 3.  The Type value for this Attribute needs
      to be assigned from the IKEv2 Configuration Payload Attribute
      Types namespace defined in [RFC5996].

   o  Action-2: This specification defines a new IKEv2 attribute for
      carrying the IPv6 address of the P-CSCF function.  This attribute
      is defined in Section 4.  The Type value for this Attribute needs
      to be assigned from the IKEv2 Configuration Payload Attribute
      Types namespace defined in [RFC5996].

7.  Security Considerations

   This document is an extension to IKEv2 [RFC5996] and therefore it
   inherits all the security properties of IKEv2.

   The two new IKEv2 attributes defined in this specification are for
   carrying the IPv4 and IPv6 address of the P-CSCF function.  These
   attributes can be exchanged by IKE peers as part of the configuration
   payload, and the currently defined IKEv2 security framework provides
   the needed integrity and privacy protection for these attributes.
   Therefore, this specification does not introduce any new security
   vulnerabilities.

8.  Acknowledgements

   The authors would like to thank Vojislav Vuecetic, Heather Sze,
   Sebastian Speicher, Maulik Vaidya for all the discussions related to
   this topic.

9.  References

9.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC5996]  Kaufman, C., Hoffman, P., Nir, Y., and P. Eronen,
              "Internet Key Exchange Protocol Version 2 (IKEv2)",
              RFC 5996, September 2010.

9.2.  Informative References

   [RFC5213]  Gundavelli, S., Leung, K., Devarapalli, V., Chowdhury, K.,
              and B. Patil, "Proxy Mobile IPv6", RFC 5213, August 2008.

   [RFC5739]  Eronen, P., Laganier, J., and C. Madson, "IPv6
              Configuration in Internet Key Exchange Protocol Version 2
              (IKEv2)", RFC 5739, February 2010.

   [RFC5844]  Wakikawa, R. and S. Gundavelli, "IPv4 Support for Proxy
              Mobile IPv6", RFC 5844, May 2010.

   [TS23402]  3GPP, "Architecture enhancements for non-3GPP accesses",
              2012.

Authors' Addresses

   Aeneas Noble
   Cisco
   30 International Pl
   TEWKSBURY, MASSACHUSETTS  95134
   USA

   Email: noblea@cisco.com

   Sri Gundavelli
   Cisco
   170 West Tasman Drive
   San Jose, CA  95134
   USA

   Email: sgundave@cisco.com

   Jouni Korhonen
   Nokia Siemens Networks
   Linnoitustie 6
   Espoo  FIN-02600
   Finland

   Email: jouni.nospam@gmail.com

   Florin Baboescu
   Broadcom Corporation
   100 Mathilda Place
   Sunnyvale, CA  94086
   USA

   Email: baboescu@broadcom.com

Noble, et al.            Expires August 22, 2013
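
The CP(CFG_REPLY) attribute list of Figure 4, as a client might decode it once the SK payload has been decrypted and the generic payload header removed; this is an added example, not code from the draft or its authors. It assumes the attribute layout of RFC 5996 and the type codes 20 and 21 that RFC 7651 later registered for the two P-CSCF attributes (this revision leaves them unassigned); the function names are hypothetical and the P-CSCF addresses in the sample are constructed.

```python
import ipaddress
import struct

# Attribute types: 1 and 3 come from RFC 5996. 20 and 21 are the values later
# registered for the P-CSCF attributes in RFC 7651 (an assumption with respect
# to this draft revision, which leaves them unassigned).
ATTRS = {
    1: ("INTERNAL_IP4_ADDRESS", 4),
    3: ("INTERNAL_IP4_DNS", 4),
    20: ("P-CSCF_IP4_ADDRESS", 4),
    21: ("P-CSCF_IP6_ADDRESS", 16),
}
CFG_REPLY = 2  # CFG Type value from RFC 5996


def encode_attr(attr_type, value=b""):
    """Reserved bit + 15-bit type, 16-bit length, then the value."""
    return struct.pack("!HH", attr_type & 0x7FFF, len(value)) + value


def parse_cfg_reply(body):
    """Parse a decrypted CP payload body into {name: [address, ...]}."""
    if len(body) < 4 or body[0] != CFG_REPLY:
        raise ValueError("not a CFG_REPLY payload")
    found, off = {}, 4  # skip CFG Type and 3 reserved octets
    while off < len(body):
        if len(body) - off < 4:
            raise ValueError("truncated attribute header")
        raw_type, length = struct.unpack_from("!HH", body, off)
        off += 4
        if length > len(body) - off:
            raise ValueError("attribute length overruns payload")
        value, off = body[off:off + length], off + length
        name, size = ATTRS.get(raw_type & 0x7FFF, (None, None))
        if name is None or length == 0:
            continue  # unknown or empty attribute: nothing to record
        if length != size:
            raise ValueError(f"{name}: length {length}, expected {size}")
        found.setdefault(name, []).append(str(ipaddress.ip_address(value)))
    return found


def sample_reply():
    """Constructed CFG_REPLY; the two P-CSCF addresses are made-up samples."""
    return bytes([CFG_REPLY, 0, 0, 0]) + b"".join([
        encode_attr(1, ipaddress.ip_address("192.0.2.234").packed),
        encode_attr(20, ipaddress.ip_address("203.0.113.10").packed),
        encode_attr(21, ipaddress.ip_address("2001:db8::10").packed),
        encode_attr(3, ipaddress.ip_address("198.51.100.33").packed),
    ])
```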