Authentication, Authorization, and Accounting (AAA) Registration Keys for Mobile IPv4
RFC 3957
Section | Field | Value
---|---|---
Document | Type | RFC - Proposed Standard (March 2005; No errata)
 | Authors | Pat Calhoun, Charles Perkins
 | Last updated | 2015-10-14
 | Replaces | draft-ietf-mobileip-aaa-key
 | Stream | IETF
 | Formats | plain text, html, pdf, htmlized, bibtex
Stream | WG state | (None)
 | Document shepherd | No shepherd assigned
IESG | IESG state | RFC 3957 (Proposed Standard)
 | Action Holders | (None)
 | Consensus Boilerplate | Unknown
 | Telechat date |
 | Responsible AD | Thomas Narten
 | Send notices to | tom.hiller@lucent.com, mccap@lucent.com
Network Working Group
Request for Comments: 3957
Category: Standards Track
C. Perkins, Nokia Research Center
P. Calhoun, Airespace
March 2005

Authentication, Authorization, and Accounting (AAA) Registration Keys for Mobile IPv4

Status of this Memo

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2005).

Abstract

Authentication, Authorization, and Accounting (AAA) servers, such as RADIUS and DIAMETER, are in use within the Internet today to provide authentication and authorization services for dial-up computers. Mobile IP for IPv4 requires strong authentication between the mobile node and its home agent. When the mobile node shares an AAA Security Association with its home AAA server, however, it is possible to use that AAA Security Association to create derived Mobility Security Associations between the mobile node and its home agent, and again between the mobile node and the foreign agent currently offering connectivity to the mobile node. This document specifies extensions to Mobile IP registration messages that can be used to create Mobility Security Associations between the mobile node and its home agent, and/or between the mobile node and a foreign agent.

Perkins & Calhoun Standards Track [Page 1]
RFC 3957 AAA Keys for Mobile IPv4 March 2005

Table of Contents

1. Introduction
2. Terminology
3. Overview of Operations with Key Generation Nonce Extensions
4. Mobility Security Associations
5. Key Generation Nonce Creation and Key Derivation
6. Key Generation Extensions
   6.1. Generalized MN-FA Key Generation Nonce Request Extension
   6.2. Generalized MN-FA Key Generation Nonce Reply Extension
   6.3. Generalized MN-HA Key Generation Nonce Request Extension
   6.4. Generalized MN-HA Key Generation Nonce Reply Extension
7. Error Values
8. IANA Considerations
9. Security Considerations
10. Acknowledgements
11. References
   11.1. Normative References
   11.2. Informative References
Appendices
   A. AAA Infrastructure
   B. Message Flow for Requesting and Receiving Registration Keys
Authors' Addresses
Full Copyright Statement

1. Introduction

AAA servers, such as RADIUS [11] and DIAMETER [12], are in use within the Internet today to provide authentication and authorization services for dial-up computers. Such services are likely to be valuable for mobile nodes using Mobile IP for IPv4 [1], when the nodes are attempting to connect to foreign domains with AAA servers. In this document Mobile IP for IPv4 is called "Mobile IPv4" or just "Mobile IP" for short, since no confusion with other versions is expected. Requirements for interactions between AAA and Mobile IP are outlined in RFC 2977 [13]; that document describes an infrastructure which enables AAA servers to authenticate and authorize network access requests from mobile nodes. See also appendix A.

The Mobile IP Registration Request is considered to be a request for network access. It is then possible to augment the functionality of the Mobile IP mobility agents so that they can translate between Mobile IP registration messages and the messages used within the AAA infrastructure, as described in RFC 2977. Mobility agents and AAA servers that conform to the requirements of RFC 2977 can be considered as appropriate network entities to support the message types specified in this document. Please consult RFC 2977 [13] for further details.