Authentication, Authorization, and Accounting (AAA) Registration Keys for Mobile IPv4
RFC 3957
| Document | Type | RFC - Proposed Standard (March 2005; No errata) | |
|---|---|---|---|
| Authors | Pat Calhoun , Charles Perkins | ||
| Last updated | 2015-10-14 | ||
| Replaces | draft-ietf-mobileip-aaa-key | ||
| Stream | IETF | ||
| Formats | plain text html pdf htmlized bibtex | ||
| Stream | WG state | (None) | |
| Document shepherd | No shepherd assigned | ||
| IESG | IESG state | RFC 3957 (Proposed Standard) | |
| Action Holders |
(None)
|
||
| Consensus Boilerplate | Unknown | ||
| Telechat date | |||
| Responsible AD | Thomas Narten | ||
| Send notices to | tom.hiller@lucent.com, mccap@lucent.com | ||
Network Working Group C. Perkins
Request for Comments: 3957 Nokia Research Center
Category: Standards Track P. Calhoun
Airespace
March 2005
Authentication, Authorization, and Accounting (AAA)
Registration Keys for Mobile IPv4
Status of this Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2005).
Abstract
Authentication, Authorization, and Accounting (AAA) servers, such as
RADIUS and DIAMETER, are in use within the Internet today to provide
authentication and authorization services for dial-up computers.
Mobile IP for IPv4 requires strong authentication between the mobile
node and its home agent. When the mobile node shares an AAA Security
Association with its home AAA server, however, it is possible to use
that AAA Security Association to create derived Mobility Security
Associations between the mobile node and its home agent, and again
between the mobile node and the foreign agent currently offering
connectivity to the mobile node. This document specifies extensions
to Mobile IP registration messages that can be used to create
Mobility Security Associations between the mobile node and its home
agent, and/or between the mobile node and a foreign agent.
Perkins & Calhoun Standards Track [Page 1]
RFC 3957 AAA Keys for Mobile IPv4 March 2005
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology. . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Overview of Operations with Key Generation Nonce Extensions. . 5
4. Mobility Security Associations . . . . . . . . . . . . . . . . 7
5. Key Generation Nonce Creation and Key Derivation . . . . . . . 8
6. Key Generation Extensions. . . . . . . . . . . . . . . . . . . 9
6.1. Generalized MN-FA Key Generation Nonce Request Extension 10
6.2. Generalized MN-FA Key Generation Nonce Reply Extension . 11
6.3. Generalized MN-HA Key Generation Nonce Request Extension 13
6.4. Generalized MN-HA Key Generation Nonce Reply Extension . 14
7. Error Values . . . . . . . . . . . . . . . . . . . . . . . . . 16
8. IANA Considerations. . . . . . . . . . . . . . . . . . . . . . 16
9. Security Considerations. . . . . . . . . . . . . . . . . . . . 17
10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 18
11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 18
11.1. Normative References . . . . . . . . . . . . . . . . . . 18
11.2. Informative References . . . . . . . . . . . . . . . . . 19
Appendices . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
A. AAA Infrastructure. . . . . . . . . . . . . . . . . . . . . 20
B. Message Flow for Requesting and Receiving Registration Keys 24
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 26
Full Copyright Statement . . . . . . . . . . . . . . . . . . . . . 27
1. Introduction
AAA servers, such as RADIUS [11] and DIAMETER [12], are in use within
the Internet today to provide authentication and authorization
services for dial-up computers. Such services are likely to be
valuable for mobile nodes using Mobile IP for IPv4 [1], when the
nodes are attempting to connect to foreign domains with AAA servers.
In this document Mobile IP for IPv4 is called "Mobile IPv4" or just
"Mobile IP" for short, since no confusion with other versions is
expected. Requirements for interactions between AAA and Mobile IP
are outlined in RFC 2977 [13]; that document describes an
infrastructure which enables AAA servers to authenticate and
authorize network access requests from mobile nodes. See also
appendix A. The Mobile IP Registration Request is considered to be a
request for network access. It is then possible to augment the
functionality of the Mobile IP mobility agents so that they can
translate between Mobile IP registration messages and the messages
used within the AAA infrastructure, as described in RFC 2977.
Mobility agents and AAA servers that conform to the requirements of
RFC 2977 can be considered as appropriate network entities to support
the message types specified in this document. Please consult RFC
2977 [13] for further details.
Perkins & Calhoun Standards Track [Page 2]
Show full document text