draft-ietf-dime-erp-17.txt   rfc6942.txt 
Network Working Group J. Bournelle Internet Engineering Task Force (IETF) J. Bournelle
Internet-Draft L. Morand Request for Comments: 6942 L. Morand
Intended status: Standards Track Orange Labs Category: Standards Track Orange Labs
Expires: September 12, 2013 S. Decugis ISSN: 2070-1721 S. Decugis
INSIDE Secure INSIDE Secure
Q. Wu Q. Wu
Huawei Huawei
G. Zorn G. Zorn
Network Zen Network Zen
March 11, 2013 May 2013
Diameter Support for the EAP Re-authentication Protocol (ERP) Diameter Support for the EAP Re-authentication Protocol (ERP)
draft-ietf-dime-erp-17.txt
Abstract Abstract
The EAP Re-authentication Protocol (ERP) defines extensions to the The EAP Re-authentication Protocol (ERP) defines extensions to the
Extensible Authentication Protocol (EAP) to support efficient re- Extensible Authentication Protocol (EAP) to support efficient
authentication between the peer and an EAP Re-authentication (ER) re-authentication between the peer and an EAP Re-authentication (ER)
server through a compatible authenticator. This document specifies server through a compatible authenticator. This document specifies
Diameter support for ERP. It defines a new Diameter ERP application Diameter support for ERP. It defines a new Diameter ERP application
to transport ERP messages between an ER authenticator and the ER to transport ERP messages between an ER authenticator and the ER
server, and a set of new AVPs that can be used to transport the server, and a set of new Attribute-Value Pairs (AVPs) that can be
cryptographic material needed by the re-authentication server. used to transport the cryptographic material needed by the
re-authentication server.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This is an Internet Standards Track document.
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 5741.
This Internet-Draft will expire on September 12, 2013. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc6942.
Copyright Notice Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
2.1. Requirements Language . . . . . . . . . . . . . . . . . . 4 2.1. Requirements Language . . . . . . . . . . . . . . . . . . 4
3. Assumptions . . . . . . . . . . . . . . . . . . . . . . . . . 4 3. Assumptions . . . . . . . . . . . . . . . . . . . . . . . . . 4
4. Protocol Overview . . . . . . . . . . . . . . . . . . . . . . 4 4. Protocol Overview . . . . . . . . . . . . . . . . . . . . . . 5
5. Bootstrapping the ER Server . . . . . . . . . . . . . . . . . 6 5. Bootstrapping the ER Server . . . . . . . . . . . . . . . . . 6
5.1. Bootstrapping During the Initial EAP authentication . . . 6 5.1. Bootstrapping during the Initial EAP Authentication . . . 6
5.2. Bootstrapping During the First Re-authentication . . . . . 8 5.2. Bootstrapping during the First Re-authentication . . . . 8
6. Re-Authentication . . . . . . . . . . . . . . . . . . . . . . 10 6. Re-authentication . . . . . . . . . . . . . . . . . . . . . . 11
7. Application Id . . . . . . . . . . . . . . . . . . . . . . . . 11 7. Application Id . . . . . . . . . . . . . . . . . . . . . . . 12
8. AVPs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 8. AVPs . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
8.1. ERP-RK-Request AVP . . . . . . . . . . . . . . . . . . . . 12 8.1. ERP-RK-Request AVP . . . . . . . . . . . . . . . . . . . 13
8.2. ERP-Realm AVP . . . . . . . . . . . . . . . . . . . . . . 12 8.2. ERP-Realm AVP . . . . . . . . . . . . . . . . . . . . . . 13
8.3. Key AVP . . . . . . . . . . . . . . . . . . . . . . . . . 12 8.3. Key AVP . . . . . . . . . . . . . . . . . . . . . . . . . 13
8.3.1. Key-Type AVP . . . . . . . . . . . . . . . . . . . . . 12 8.3.1. Key-Type AVP . . . . . . . . . . . . . . . . . . . . 13
8.3.2. Keying-Material AVP . . . . . . . . . . . . . . . . . 12 8.3.2. Keying-Material AVP . . . . . . . . . . . . . . . . . 13
8.3.3. Key-Name AVP . . . . . . . . . . . . . . . . . . . . . 13 8.3.3. Key-Name AVP . . . . . . . . . . . . . . . . . . . . 14
8.3.4. Key-Lifetime AVP . . . . . . . . . . . . . . . . . . . 13 8.3.4. Key-Lifetime AVP . . . . . . . . . . . . . . . . . . 14
9. Result-Code AVP Values . . . . . . . . . . . . . . . . . . . . 13 9. Result-Code AVP Values . . . . . . . . . . . . . . . . . . . 14
9.1. Permanent Failures . . . . . . . . . . . . . . . . . . . . 13 9.1. Permanent Failures . . . . . . . . . . . . . . . . . . . 14
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 14
10.1. Diameter Application Identifier . . . . . . . . . . . . . 13 10.1. Diameter Application Identifier . . . . . . . . . . . . 14
10.2. New AVPs . . . . . . . . . . . . . . . . . . . . . . . . . 13 10.2. New AVPs . . . . . . . . . . . . . . . . . . . . . . . . 15
10.3. New Permanent Failures Result-Code AVP Values . . . . . . 14 10.3. New Permanent Failures Result-Code AVP Values . . . . . 15
11. Security Considerations . . . . . . . . . . . . . . . . . . . 14 11. Security Considerations . . . . . . . . . . . . . . . . . . . 15
12. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 14 12. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 16
13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 15 13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 16
14. References . . . . . . . . . . . . . . . . . . . . . . . . . . 15 14. References . . . . . . . . . . . . . . . . . . . . . . . . . 16
14.1. Normative References . . . . . . . . . . . . . . . . . . . 15 14.1. Normative References . . . . . . . . . . . . . . . . . . 16
14.2. Informative References . . . . . . . . . . . . . . . . . . 16 14.2. Informative References . . . . . . . . . . . . . . . . . 17
1. Introduction 1. Introduction
Cao, et al. [RFC6696] defines the EAP Re-authentication Protocol Cao, et al. [RFC6696] defines the EAP Re-authentication Protocol
(ERP). It consists of the following steps: (ERP). It consists of the following steps:
Bootstrapping Bootstrapping
A root key for re-authentication is derived from the Extended A root key for re-authentication is derived from the Extended
Master Session Key (EMSK) created during EAP authentication Master Session Key (EMSK) created during EAP authentication
[RFC5295]. This root key is transported from the EAP server to [RFC5295]. This root key is transported from the EAP server to
the ER server. the ER server.
Re-authentication Re-authentication
A one-round-trip exchange between the peer and the ER server, A one-round-trip exchange between the peer and the ER server,
resulting in mutual authentication. To support the EAP resulting in mutual authentication. To support the EAP
reauthentication functionality, ERP defines two new EAP codes - re-authentication functionality, ERP defines two new EAP codes --
EAP-Initiate and EAP-Finish. EAP-Initiate and EAP-Finish.
This document defines how Diameter transports the ERP messages during This document defines how Diameter transports the ERP messages during
the re-authentication process. For this purpose, we define a new the re-authentication process. For this purpose, we define a new
Application Identifier for ERP, and re-use the Diameter EAP commands Application Identifier for ERP and reuse the Diameter EAP commands
(DER/DEA). Diameter-EAP-Request (DER) / Diameter-EAP-Answer (DEA).
This document also discusses the distribution of the root key during This document also discusses the distribution of the root key during
bootstrapping, in conjunction with either the initial EAP bootstrapping, in conjunction with either the initial EAP
authentication (implicit bootstrapping) or the first ERP exchange authentication (implicit bootstrapping) or the first ERP exchange
(explicit bootstrapping). Security considerations for this key (explicit bootstrapping). Security considerations for this key
distribution are detailed in Section 7.4 of Salowey, et distribution are detailed in Section 7.4 of Salowey, et al.
al. [RFC5295]. [RFC5295].
2. Terminology 2. Terminology
This document uses terminology defined in Aboba, et al. [RFC3748], This document uses terminology defined in Aboba, et al. [RFC3748],
Salowey, et al. [RFC5295], Cao, et al. [RFC6696], and Eronen, et Salowey, et al. [RFC5295], Cao, et al. [RFC6696], and Eronen, et al.
al. [RFC4072]. [RFC4072].
Following RFC 5295, the term "domain" herein refers to a key Following RFC 5295, the term "domain" herein refers to a key
management domain unless otherwise qualified. Similarly, the terms management domain unless otherwise qualified. Similarly, the terms
"home domain", and "local domain" have the same meaning here as in "home domain" and "local domain" have the same meaning here as in RFC
RFC 6696. 6696.
The re-authentication Domain-Specific Root Key (rDSRK) is a re- The re-authentication Domain-Specific Root Key (rDSRK) is a
authentication Root Key (rRK, [RFC6696]) derived from the DSRK re-authentication Root Key (rRK) [RFC6696] derived from the Domain-
instead of the EMSK. Specific Root Key (DSRK) instead of the EMSK.
"Root key" (RK) or "bootstrapping material" refers to the rRK or "Root key" (RK) or "bootstrapping material" refers to the rRK or
rDSRK derived from an EMSK, depending on whether the ER server is rDSRK derived from an EMSK, depending on whether the ER server is
located in the home or a foreign domain. located in the home or a foreign domain.
We use the notation "ERP/DER" and "ERP/DEA" in this document to refer We use the notation "ERP/DER" and "ERP/DEA" in this document to refer
to Diameter-EAP-Request and Diameter-EAP-Answer commands with the to Diameter-EAP-Request and Diameter-EAP-Answer commands with the
Application Id set to <Diameter ERP Application> (Section 10.1); the Application Id set to <Diameter ERP> (Section 10.1); the same
same commands are denoted "EAP/DER" and "EAP/DEA" when the commands are denoted "EAP/DER" and "EAP/DEA" when the Application Id
Application Id in the message is set to <Diameter EAP Application> in the message is set to <Diameter EAP> [RFC4072].
[RFC4072].
2.1. Requirements Language 2.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
3. Assumptions 3. Assumptions
This document assumes the existence of at most one logical ER server This document assumes the existence of, at most, one logical ER
entity in a given domain. If several physical servers are deployed server entity in a given domain. If several physical servers are
for robustness, a replication mechanism must be deployed to deployed for robustness, a replication mechanism must be deployed to
synchronize the ERP state (e.g., root keys) between these servers. synchronize the ERP state (e.g., root keys) between these servers.
Any such replication mechanism is outside the scope of this document. Any such replication mechanism is outside the scope of this document.
If multiple ER servers are deployed in the domain, we assume that If multiple ER servers are deployed in the domain, we assume that
they can be used interchangeably. If multiple ER servers are they can be used interchangeably. If multiple ER servers are
deployed across multiple domains, we assume that only one ER server, deployed across multiple domains, we assume that only one ER server,
topologically close to the peer, is involved in ERP, distance being topologically close to the peer, is involved in ERP, with distance
measured in terms of Diameter hops. being measured in terms of Diameter hops.
This document also assumes the existence of at most one EAP server This document also assumes the existence of, at most, one EAP server
entity in the home domain. In case of multiple physical home EAP entity in the home domain. In case of multiple physical home EAP
servers, if the ER server wants to reach the same home EAP server, servers, if the ER server wants to reach the same home EAP server,
the ER server SHOULD cache the Destination-Host AVP corresponding to the ER server SHOULD cache the Destination-Host AVP corresponding to
the home EAP server it requests. the home EAP server it requests.
In general, it is assumed that key management domain names and In general, it is assumed that key management domain names and
Diameter realm names are identical for any given domain/realm. Diameter realm names are identical for any given domain/realm.
4. Protocol Overview 4. Protocol Overview
The following figure illustrates the components involved in ERP and The following figure illustrates the components involved in ERP and
their interactions. their interactions.
Diameter +--------+ Diameter +--------+
+-------------+ ERP +-----------+ (*) | Home | +-------------+ ERP +-----------+ (*) | Home |
Peer <->|Authenticator|<=======>| ER server | <---> | EAP | Peer <->|Authenticator|<=======>| ER server | <---> | EAP |
+-------------+ +-----------+ | server | +-------------+ +-----------+ | server |
+--------+ +--------+
(*) Diameter EAP application, explicit bootstrapping scenario only. (*) Diameter EAP application; explicit bootstrapping scenario only.
Figure 1: Diameter ERP Overview. Figure 1: Diameter ERP Overview
The ER server is located either in the home domain (same as EAP The ER server is located either in the home domain (same as the EAP
server) or in the local domain (same as authenticator, when it server) or in the local domain (same as the authenticator, when it
differs from the home domain). differs from the home domain).
When the peer initiates an ERP exchange, the authenticator creates a When the peer initiates an ERP exchange, the authenticator creates a
Diameter-EAP-Request (DER) message [RFC4072]. The Application Id of DER message [RFC4072]. The Application Id of the message is set to
the message is set to that of the Diameter ERP application that of the Diameter ERP application (Section 10.1) in the message.
Section 10.1 in the message. The generation of the ERP/DER message The generation of the ERP/DER message is detailed in Section 6.
is detailed in Section 6.
If there is an ER server in the same domain as the authenticator If there is an ER server in the same domain as the authenticator
(i.e., the local domain), Diameter routing MUST be configured so that (i.e., the local domain), Diameter routing MUST be configured so that
this ERP/DER message reaches that server, even if the Destination- this ERP/DER message reaches that server, even if the Destination-
Realm is not the same as local domain. Realm is not the same as the local domain.
If there is no local ER server, the message is routed according to If there is no local ER server, the message is routed according to
its Destination-Realm AVP content, extracted from the realm component its Destination-Realm AVP content, extracted from the realm component
of the keyName-NAI attribute. As specified in RFC 6696, this realm of the keyName-NAI attribute. As specified in RFC 6696, this realm
is the home domain of the peer in the case of bootstrapping exchange is the home domain of the peer in the case of bootstrapping exchange
('B' flag is set in ERP message) or the domain of the bootstrapped ER ('B' flag is set in ERP message) or the domain of the bootstrapped ER
server otherwise. . server otherwise.
If no ER server is available in the home domain either, the ERP/DER If no ER server is available in the home domain either, the ERP/DER
message cannot be delivered, and an error DIAMETER_UNABLE_TO_DELIVER message cannot be delivered and an error, DIAMETER_UNABLE_TO_DELIVER,
MUST be generated as specified in RFC 6733 and returned to the MUST be generated, as specified in RFC 6733, and returned to the
authenticator. The authenticator MAY cache this information (with authenticator. The authenticator MAY cache this information (with
limited duration) to avoid further attempts to execute ERP with this limited duration) to avoid further attempts to execute ERP with this
realm. It MAY also fallback to full EAP authentication to realm. It MAY also fallback to full EAP authentication to
authenticate the peer. authenticate the peer.
When an ER server receives the ERP/DER message, it searches its local When an ER server receives the ERP/DER message, it searches its local
database for a valid, unexpired root key matching the keyName part of database for a valid, unexpired root key matching the keyName part of
the User-Name AVP. If such key is found, the ER server processes the the User-Name AVP. If such key is found, the ER server processes the
ERP message as described in RFC 6696, then creates the ERP/DEA answer ERP message, as described in RFC 6696, then creates the ERP/DEA
as described in Section 6. The rMSK is included in this answer. answer, as described in Section 6. The re-authentication Master
Session Key (rMSK) is included in this answer.
Finally, the authenticator extracts the rMSK from the ERP/DEA as Finally, the authenticator extracts the rMSK from the ERP/DEA, as
described in RFC 6696, and forwards the content of the EAP-Payload described in RFC 6696, and forwards the content of the EAP-Payload
AVP, the EAP-Finish/Re-Auth message, to the peer. AVP, the EAP-Finish/Re-auth message, to the peer.
The ER server may or may not possess the root key in its local The ER server may or may not possess the root key in its local
database. If the EAP-Initiate/Re-Auth message has its 'B' flag set database. If the EAP-Initiate/Re-auth message has its 'B' flag set
(Bootstrapping exchange) and the ER server possesses the root key, (bootstrapping exchange) and the ER server possesses the root key,
the ER server SHOULD respond directly to the peer that initiated the the ER server SHOULD respond directly to the peer that initiated the
ERP exchange. Otherwise, the ER server SHOULD act as a proxy and ERP exchange. Otherwise, the ER server SHOULD act as a proxy and
forward the message to the home EAP server after changing its forward the message to the home EAP server after changing its
Application Id to Diameter EAP and adding the ERP-RK-Request AVP to Application Id to Diameter EAP and adding the ERP-RK-Request AVP to
request the root key. See Section 5 for more detail on this process. request the root key. See Section 5 for more detail on this process.
5. Bootstrapping the ER Server 5. Bootstrapping the ER Server
The bootstrapping process involves the home EAP server and the ER The bootstrapping process involves the home EAP server and the ER
server, but also impacts the peer and the authenticator. In ERP, the server, but also impacts the peer and the authenticator. In ERP, the
peer must derive the same keying material as the ER server. To peer must derive the same keying material as the ER server. To
achieve this, it must learn the domain name of the ER server. How achieve this, it must learn the domain name of the ER server. How
this information is acquired is outside the scope of this this information is acquired is outside the scope of this
specification, but the authenticator might be configured to advertize specification, but the authenticator might be configured to advertise
this domain name, especially in the case of re-authentication after a this domain name, especially in the case of re-authentication after a
handover. handover.
The bootstrapping of an ER server with a given root key happens The bootstrapping of an ER server with a given root key happens
either during the initial EAP authentication of the peer when the either during the initial EAP authentication of the peer when the
EMSK -- from which the root key is derived -- is created, during the EMSK -- from which the root key is derived -- is created, during the
first re-authentication, or sometime between those events. We only first re-authentication, or sometime between those events. We only
consider the first two possibilities in this specification, in the consider the first two possibilities in this specification, in the
following sub-sections. following subsections.
5.1. Bootstrapping During the Initial EAP authentication 5.1. Bootstrapping during the Initial EAP Authentication
Bootstrapping the ER server during the initial EAP authentication Bootstrapping the ER server during the initial EAP authentication
(also known as implicit bootstrapping) offers the advantage that the (also known as implicit bootstrapping) offers the advantage that the
server is immediately available for re-authentication of the peer, server is immediately available for re-authentication of the peer,
thus minimizing the re-authentication delay. On the other hand, it thus minimizing the re-authentication delay. On the other hand, it
is possible that only a small number of peers will use re- is possible that only a small number of peers will use
authentication in the local domain. Deriving and caching key re-authentication in the local domain. Deriving and caching key
material for all the peers (for example, for the peers that do not material for all the peers (for example, for the peers that do not
support ERP) is a waste of resources and should be avoided. support ERP) is a waste of resources and should be avoided.
To achieve implicit bootstrapping, the ER server acts as a Diameter To achieve implicit bootstrapping, the ER server acts as a Diameter
EAP Proxy , and Diameter routing MUST be configured so that Diameter EAP Proxy, and Diameter routing MUST be configured so that Diameter
EAP application messages are routed through this proxy. The figure EAP application messages are routed through this proxy. The figure
bellow illustrates this mechanism. below illustrates this mechanism.
ER server & ER server &
Authenticator EAP Proxy Home EAP server Authenticator EAP Proxy Home EAP server
============= =========== =============== ============= =========== ===============
-------------------------> ------------------------->
Diameter EAP/DER Diameter EAP/DER
(EAP-Response) (EAP-Response)
-------------------------> ------------------------->
Diameter EAP/DER Diameter EAP/DER
(EAP-Response) (EAP-Response)
skipping to change at page 7, line 30 skipping to change at page 7, line 35
Diameter EAP/DEA Diameter EAP/DEA
(EAP-Success) (EAP-Success)
(MSK) (MSK)
(Key AVP (rRK)) (Key AVP (rRK))
<------------------------- <-------------------------
Diameter EAP/DEA Diameter EAP/DEA
(EAP-Success) (EAP-Success)
(MSK) (MSK)
[ERP-Realm] [ERP-Realm]
Figure 2: ERP Bootstrapping During Full EAP Authentication Figure 2: ERP Bootstrapping during Full EAP Authentication
The authenticator creates the first DER of the full EAP The authenticator creates the first DER of the full EAP
authentication and sends it to the ER server. The ER server proxies authentication and sends it to the ER server. The ER server proxies
the first DER of the full EAP authentication and adds the ERP-RK- the first DER of the full EAP authentication and adds the
Request AVP inside, then forwards the request to the home EAP server. ERP-RK-Request AVP inside, then forwards the request to the home EAP
server.
If the home Diameter server does not support the Diameter ERP If the home Diameter server does not support the Diameter ERP
extensions, it simply ignores the ERP-RK-Request AVP and continues as extensions, it simply ignores the ERP-RK-Request AVP and continues as
specified in RFC 4072 [RFC4072]. If the server supports the ERP specified in RFC 4072 [RFC4072]. If the server supports the ERP
extensions, it saves the value of the ERP-Realm AVP found inside the extensions, it saves the value of the ERP-Realm AVP found inside the
ERP-RK-Request AVP, and continues with the EAP authentication. When ERP-RK-Request AVP, and continues with the EAP authentication. When
the authentication completes, if it is successful and the EAP method the authentication completes, if it is successful and the EAP method
has generated an EMSK, the server MUST derive the rRK as specified in has generated an EMSK, the server MUST derive the rRK as specified in
RFC 6696, using the saved ERP realm name. It then includes the rRK RFC 6696, using the saved ERP realm name. It then includes the rRK
inside a Key AVP (Section 8.3) with the Key-Type AVP set to rRK, inside a Key AVP (Section 8.3) with the Key-Type AVP set to rRK,
before sending the DEA as usual. before sending the DEA as usual.
When the ER server proxies a Diameter-EAP-Answer message with a When the ER server proxies a Diameter-EAP-Answer message with a
Session-Id corresponding to a message to which it added an ERP-RK- Session-Id corresponding to a message to which it added an
Request AVP, and the Result-Code is DIAMETER_SUCCESS, it MUST examine ERP-RK-Request AVP, and the Result-Code is DIAMETER_SUCCESS, it MUST
the message and save and remove any Key AVP (Section 8.3) with Key- examine the message and save and remove any Key AVP (Section 8.3)
Type AVP set to rRK. If the message does not contain such Key AVP, with Key-Type AVP set to rRK. If the message does not contain such a
the ER server may cache the information that ERP is not possible for Key AVP, the ER server may cache the information that
this session to avoid possible subsequent attempts. In any case, the re-authentication via ERP is not possible for the session in order to
information stored in ER server concerning a session should not have avoid any subsequent attempts. In any case, the information stored
a lifetime greater than the EMSK for this session. in the ER server concerning a session should not have a lifetime
greater than the EMSK for this session.
If the ER server is successfully bootstrapped, it should also add the If the ER server is successfully bootstrapped, it should also add the
ERP-Realm AVP after removing the Key AVP with Key-Type of rRK in the ERP-Realm AVP after removing the Key AVP with Key-Type of rRK in the
EAP/DEA message. This ERP-Realm information can be used by the EAP/DEA message. This ERP-Realm information can be used by the
authenticator to notify the peer that ER server is bootstrapped, and authenticator to notify the peer that the ER server is bootstrapped,
for which domain. How this information can be transmitted to the and for which domain. How this information can be transmitted to the
peer is outside the scope of this document. This information needs peer is outside the scope of this document. This information needs
to be sent to the peer if both implicit and explicit bootstrapping to be sent to the peer if both implicit and explicit bootstrapping
mechanisms are possible, because the ERP message and the root key mechanisms are possible, because the ERP message and the root key
used for protecting this message are different in bootstrapping used for protecting this message are different in bootstrapping
exchanges and non-bootstrapping exchanges. exchanges and non-bootstrapping exchanges.
5.2. Bootstrapping During the First Re-authentication 5.2. Bootstrapping during the First Re-authentication
Bootstrapping the ER server during the first re-authentication (also Bootstrapping the ER server during the first re-authentication (also
known as explicit bootstrapping) is only needed when there is no ER known as explicit bootstrapping) is only needed when there is no ER
server in the local domain and there is an ER server in the home server in the local domain and there is an ER server in the home
domain. It is less resource-intensive, since the EMSK generated domain. It is less resource intensive, since the EMSK generated
during initial EAP authentication is reused to derive root keys. On during initial EAP authentication is reused to derive root keys. On
the other hand, the first re-authentication requires a one-round-trip the other hand, the first re-authentication requires a one-round-trip
exchange with the home EAP server, since the EMSK is generated during exchange with the home EAP server, since the EMSK is generated during
the initial EAP authentication and never leaves the home EAP server, the initial EAP authentication and never leaves the home EAP server,
which is less efficient than implicit bootstrapping. which is less efficient than implicit bootstrapping.
The EAP-Initiate/Re-auth message is sent to the home ER server. The The EAP-Initiate/Re-auth message is sent to the home ER server. The
home ER server receives the ERP/DER message containing the EAP- home ER server receives the ERP/DER message containing the
Initiate/Re-Auth message with the 'B' flag set. It creates the new EAP-Initiate/Re-auth message with the 'B' flag set. It creates the
EAP/DER message using the received DRP/DER message and performs the new EAP/DER message using the received ERP/DER message and performs
following processing: the following processing:
Set the Application Id in the header of the message to <Diameter Set the Application Id in the header of the message to
EAP Application> [RFC4072] <Diameter EAP> [RFC4072].
Extract the ERP-RK-Request AVP from the ERP/DER message, which Extract the ERP-RK-Request AVP from the ERP/DER message, which
contains the name of the domain where the ER server is located and contains the name of the domain where the ER server is located,
add it to the newly created ERP/DER message. and add it to the newly created ERP/DER message.
Then the newly created EAP/DER is sent and routed to the home Then, the newly created EAP/DER is sent and routed to the home
Diameter EAP application server. Diameter EAP application server.
If the home Diameter EAP server does not support ERP extensions, EAP If the home Diameter EAP server does not support ERP extensions, EAP
packets with an unknown ERP-specific code (EAP-Initiate) will not be packets with an unknown ERP-specific code (EAP-Initiate) will not be
understood. In such a case, the home Diameter EAP server MUST send understood. In such a case, the home Diameter EAP server MUST send
an EAP/DEA with a Result-Code indicating a Permanent Failure (for an EAP/DEA with a Result-Code indicating a Permanent Failure (for
example, DIAMETER_ERROR_EAP_CODE_UNKNOWN or example, DIAMETER_ERROR_EAP_CODE_UNKNOWN or
DIAMETER_UNABLE_TO_COMPLY). The Failed-AVP AVP MUST be included and DIAMETER_UNABLE_TO_COMPLY). The Failed-AVP AVP MUST be included and
contain a copy of the EAP-Payload AVP. Otherwise, it processes the contain a copy of the EAP-Payload AVP. Otherwise, it processes the
DSRK request as described in RFC 6696. In particular, it includes DSRK request, as described in RFC 6696. In particular, it includes
the Domain- Name TLV attribute with the content from the ERP-Realm the Domain-Name TLV attribute with the content from the ERP-Realm
AVP. The server creates the EAP/DEA reply message [RFC4072] AVP. The server creates the EAP/DEA reply message [RFC4072],
including an instance of the Key AVP (Section 8.3) with Key-Type AVP including an instance of the Key AVP (Section 8.3) with the Key-Type
set to rRK and an instance of the Domain-Name TLV attribute with the AVP set to rRK and an instance of the Domain-Name TLV attribute with
content from the ERP-Realm AVP. the content from the ERP-Realm AVP.
The ER server receives this EAP/DEA and proxies it as follows, in The ER server receives this EAP/DEA and proxies it as follows, in
addition to standard proxy operations: addition to standard proxy operations:
Set the Application Id back to Diameter ERP Application Id Set the Application Id back to Diameter ERP Application Id
(Section 10.1) (Section 10.1).
Extract and cache the content of the Key AVP with Key-Type set to Extract and cache the content of the Key AVP with Key-Type set to
rRK, as described in Section 5.1). rRK, as described in Section 5.1).
The ERP/DEA message is then forwarded to the authenticator, that can The ERP/DEA message is then forwarded to the authenticator that can
use the rMSK as described in RFC 6696. use the rMSK as described in RFC 6696.
The figure below captures this proxy behavior: The figure below captures this proxy behavior:
Authenticator ER server Home Diameter server Authenticator ER server Home Diameter server
============= ========= ==================== ============= ========= ====================
-----------------------> ----------------------->
Diameter ERP/DER Diameter ERP/DER
(EAP-Initiate) (EAP-Initiate)
------------------------> ------------------------>
skipping to change at page 10, line 5 skipping to change at page 11, line 5
(EAP-Success) (EAP-Success)
(Key AVP (rRK)) (Key AVP (rRK))
(Key AVP (rMSK)) (Key AVP (rMSK))
<---------------------- <----------------------
Diameter ERP/DEA Diameter ERP/DEA
(EAP-Finish) (EAP-Finish)
(Key AVP (rMSK)) (Key AVP (rMSK))
Figure 3: ERP Explicit Bootstrapping Message Flow Figure 3: ERP Explicit Bootstrapping Message Flow
6. Re-Authentication 6. Re-authentication
This section describes in detail a re-authentication exchange with an This section describes in detail a re-authentication exchange with an
ER server that was previously bootstrapped. The following figure ER server that was previously bootstrapped. The following figure
summarizes the re-authentication exchange. summarizes the re-authentication exchange.
ER server ER server
Peer Authenticator (bootstrapped) Peer Authenticator (bootstrapped)
==== ============= ====================== ==== ============= ======================
[ <------------------------ ] [ <------------------------ ]
[optional EAP-Initiate/Re-auth-start,] [optional EAP-Initiate/Re-auth-start,]
[ possibly with ERP domain name ] [ possibly with ERP domain name ]
-----------------------> ----------------------->
EAP-Initiate/Re-auth EAP-Initiate/Re-auth
===============================> ===============================>
Diameter ERP, cmd code DER Diameter ERP, cmd code DER
User-Name: Keyname-NAI User-Name: keyName-NAI
EAP-Payload: EAP-Initiate/Re-auth EAP-Payload: EAP-Initiate/Re-auth
<=============================== <===============================
Diameter ERP, cmd code DEA Diameter ERP, cmd code DEA
EAP-Payload: EAP-Finish/Re-auth EAP-Payload: EAP-Finish/Re-auth
Key AVP: rMSK Key AVP: rMSK
<---------------------- <----------------------
EAP-Finish/Re-auth EAP-Finish/Re-auth
Figure 4: Diameter ERP Re-authentication Exchange Figure 4: Diameter ERP Re-authentication Exchange
The peer sends an EAP-Initiate/Re-auth message to the ER server via The peer sends an EAP-Initiate/Re-auth message to the ER server via
the authenticator. Alternatively, the authenticator may send an EAP- the authenticator. Alternatively, the authenticator may send an
Initiate/Re-auth-Start message to the peer to trigger the mechanism. EAP-Initiate/Re-auth-Start message to the peer to trigger the
In this case, the peer responds with an EAP-Initiate/Re-auth message. mechanism. In this case, the peer responds with an
EAP-Initiate/Re-auth message.
If the authenticator does not support ERP (pure Diameter EAP If the authenticator does not support ERP (pure Diameter EAP
[RFC4072] support), it discards the EAP packets with an unknown ERP- [RFC4072] support), it discards the EAP packets with an unknown ERP-
specific code (EAP-Initiate). The peer should fallback to full EAP specific code (EAP-Initiate). The peer should fall back to full EAP
authentication in this case. authentication in this case.
When the authenticator receives an EAP-Initiate/Re-auth message from When the authenticator receives an EAP-Initiate/Re-auth message from
the peer, the message is processed as described in RFC 6696 with the peer, the message is processed as described in RFC 6696, with
regard to the EAP state machine. It creates a Diameter ERP/DER regard to the EAP state machine. It creates a Diameter ERP/DER
message following the general process of Diameter EAP [RFC4072], with message following the general process of Diameter EAP [RFC4072], with
the following differences: the following differences:
The Application Id in the header is set to <Diameter ERP> (code The Application Id in the header is set to <Diameter ERP>
TBD1). (code 13).
The value in Auth-Application-Id AVP is also set to <Diameter The value in the Auth-Application-Id AVP is also set to
ERP>. <Diameter ERP>.
The keyName-NAI attribute from the ERP message is used to create The keyName-NAI attribute from the ERP message is used to create
the content of the User-Name and Destination-Realm AVPs. the content of the User-Name and Destination-Realm AVPs.
The Auth-Request-Type AVP content is set to the appropriate value. The Auth-Request-Type AVP content is set to the appropriate value.
The EAP-Payload AVP contains the EAP-Initiate/Re-Auth message. The EAP-Payload AVP contains the EAP-Initiate/Re-auth message.
Then this ERP/DER message is sent as described in Section 4. Then, this ERP/DER message is sent as described in Section 4.
The ER server receives and processes this request as described in The ER server receives and processes this request as described in
Section 4. It then creates an ERP/DEA message following the general Section 4. It then creates an ERP/DEA message following the general
process described in Eronen, et al. [RFC4072], with the following process described in Eronen, et al. [RFC4072], with the following
differences: differences:
The Application Id in the header is set to <Diameter ERP> (code The Application Id in the header is set to <Diameter ERP>
TBD1). (code 13).
The value of the Auth-Application-Id AVP is also set to <Diameter The value of the Auth-Application-Id AVP is also set to
ERP>. <Diameter ERP>.
The EAP-Payload AVP contains the EAP-Finish/Re-auth message. The EAP-Payload AVP contains the EAP-Finish/Re-auth message.
If authentication is successful, an instance of the Key AVP If authentication is successful, an instance of the Key AVP
containing the Re-authentication Master Session Key (rMSK) derived containing the rMSK derived by ERP is included.
by ERP is included.
When the authenticator receives this ERP/DEA answer, it processes it When the authenticator receives this ERP/DEA answer, it processes it
as described in the Diameter EAP Application specification [RFC4072] as described in the Diameter EAP Application specification [RFC4072]
and RFC 6696: the content of the EAP-Payload AVP is forwarded to the and RFC 6696: the content of the EAP-Payload AVP is forwarded to the
peer, and the contents of the Keying-Material AVP [RFC6734] is used peer, and the contents of the Keying-Material AVP [RFC6734] is used
as a shared secret for a secure association protocol specific to the as a shared secret for a secure association protocol specific to the
lower-layer in use. lower layer in use.
7. Application Id 7. Application Id
We define a new Diameter application in this document, Diameter ERP We define a new Diameter application in this document, Diameter ERP,
Application, with an Application Id value of TBD1. Diameter nodes with an Application Id value of 13. Diameter nodes conforming to
conforming to this specification in the role of ER server MUST this specification in the role of the ER server MUST advertise
advertise support by including an Auth-Application-Id AVP with a support by including an Auth-Application-Id AVP with a value of
value of Diameter ERP in the Capabilities-Exchange-Request and Diameter ERP in the Capabilities-Exchange-Request and
Capabilities-Exchange-Answer commands [RFC6733]. Capabilities-Exchange-Answer commands [RFC6733].
The primary use of the Diameter ERP Application Id is to ensure The primary use of the Diameter ERP Application Id is to ensure
proper routing of the messages, and that the nodes that advertise the proper routing of the messages, and that the nodes that advertise the
support for this application do understand the new AVPs defined in support for this application do understand the new AVPs defined in
Section 8, although these AVP have the 'M' flag cleared. Section 8, although these AVPs have the 'M' flag cleared.
8. AVPs 8. AVPs
The following sub-sections discuss the AVPs used by the Diameter ERP The following subsections discuss the AVPs used by the Diameter ERP
application. application.
8.1. ERP-RK-Request AVP 8.1. ERP-RK-Request AVP
The ERP-RK-Request AVP (AVP Code TBD2) is of type grouped AVP. This The ERP-RK-Request AVP (AVP Code 618) is of type Grouped AVP. This
AVP is used by the ER server to indicate its willingness to act as ER AVP is used by the ER server to indicate its willingness to act as
server for a particular session. the ER server for a particular session.
This AVP has the M and V bits cleared. This AVP has the 'M' and 'V' bits cleared.
ERP-RK-Request ::= < AVP Header: TBD2 > ERP-RK-Request ::= < AVP Header: 618 >
{ ERP-Realm } { ERP-Realm }
* [ AVP ] * [ AVP ]
Figure 5: ERP-RK-Request ABNF Figure 5: ERP-RK-Request ABNF
8.2. ERP-Realm AVP 8.2. ERP-Realm AVP
The ERP-Realm AVP (AVP Code TBD3) is of type DiameterIdentity. It The ERP-Realm AVP (AVP Code 619) is of type DiameterIdentity. It
contains the name of the realm in which the ER server is located. contains the name of the realm in which the ER server is located.
This AVP has the M and V bits cleared. This AVP has the 'M' and 'V' bits cleared.
8.3. Key AVP 8.3. Key AVP
The Key AVP [RFC6734] is of type "Grouped" and is used to carry the The Key AVP [RFC6734] is of type Grouped and is used to carry the rRK
rRK or rMSK and associated attributes. The usage of the Key AVP and or rMSK and associated attributes. The usage of the Key AVP and its
its constituent AVPs in this application is specified in the constituent AVPs in this application is specified in the following
following sub-sections. subsections.
8.3.1. Key-Type AVP 8.3.1. Key-Type AVP
The value of the Key-Type AVP MUST be set to 1 for rRK or 2 for rMSK. The value of the Key-Type AVP MUST be set to 1 for rRK or 2 for rMSK.
8.3.2. Keying-Material AVP 8.3.2. Keying-Material AVP
The Keying-Material AVP contains the rRK sent by the home EAP server The Keying-Material AVP contains the rRK sent by the home EAP server
to the ER server, in answer to a request containing an ERP-RK-Request to the ER server, in answer to a request containing an ERP-RK-Request
AVP, or the rMSK sent by the ER server to the authenticator. How AVP, or the rMSK sent by the ER server to the authenticator. How
this material is derived and used is specified in RFC 6696. this material is derived and used is specified in RFC 6696.
8.3.3. Key-Name AVP 8.3.3. Key-Name AVP
This AVP contains the EMSKname which identifies the keying material. This AVP contains the EMSKname that identifies the keying material.
The derivation of this name is specified in RFC 6696. The derivation of this name is specified in RFC 6696.
8.3.4. Key-Lifetime AVP 8.3.4. Key-Lifetime AVP
The Key-Lifetime AVP contains the lifetime of the keying material in The Key-Lifetime AVP contains the lifetime of the keying material in
seconds. It MUST NOT be greater than the remaining lifetime of the seconds. It MUST NOT be greater than the remaining lifetime of the
EMSK from which the material was derived. EMSK from which the material was derived.
9. Result-Code AVP Values 9. Result-Code AVP Values
This section defines new Result-Code [RFC6733] values that MUST be This section defines new Result-Code [RFC6733] values that MUST be
supported by all Diameter implementations that conform to this supported by all Diameter implementations that conform to this
specification. specification.
9.1. Permanent Failures 9.1. Permanent Failures
Errors that fall within the Permanent Failures category are used to Errors that fall within the Permanent Failures category are used to
inform the peer that the request failed and SHOULD NOT be attempted inform the peer that the request failed and SHOULD NOT be attempted
again. again.
DIAMETER_ERROR_EAP_CODE_UNKNOWN (TBD4) DIAMETER_ERROR_EAP_CODE_UNKNOWN (5048)
This error code is used by the Diameter server to inform the This error code is used by the Diameter server to inform the
peer that the received EAP-PAYLOAD AVP contains an EAP packet peer that the received EAP-Payload AVP contains an EAP packet
with an unknown EAP code. with an unknown EAP code.
10. IANA Considerations 10. IANA Considerations
This document requires IANA registration of the following new IANA has registered the following new elements in the Authentication,
elements in the Authentication, Authorization, and Accounting (AAA) Authorization, and Accounting (AAA) Parameters registries
Parameters registries [AAAPARAMS]. [AAAPARAMS].
10.1. Diameter Application Identifier 10.1. Diameter Application Identifier
This specification requires IANA to allocate a new value "Diameter IANA has allocated a new value "Diameter ERP" (code: 13) in the
ERP" (code: TBD1) in the "Application IDs" registry using the "Application IDs" registry from the "Standards Action" range of
"Specification Required" policy [RFC5226]; see Section 11.3 of RFC numbers using the "Specification Required" policy [RFC5226]; see
3588 [RFC3588] for further details. Section 11.3 of RFC 3588 [RFC3588] for further details.
10.2. New AVPs 10.2. New AVPs
This specification requires IANA to allocate new values from the "AVP IANA has allocated new values from the "AVP Codes" registry according
Codes" registry according to the policy specified in Section 11.1 of to the policy specified in Section 11.1 of Fajardo, et al. [RFC6733]
Fajardo, et al. [RFC6733] for the following AVPs: for the following AVPs:
ERP-RK-Request (code: TBD2) ERP-RK-Request (code: 618)
ERP-Realm (code: TBD3) ERP-Realm (code: 619)
These AVPs are defined in Section 8. These AVPs are defined in Section 8.
10.3. New Permanent Failures Result-Code AVP Values 10.3. New Permanent Failures Result-Code AVP Values
This specification requires IANA to allocate a new value from the IANA has allocated a new value from the "Result-Code AVP Values (code
"Result-Code AVP Values (code 268) - Permanent Failure" registry 268) - Permanent Failure" registry according to the policy specified
according to the policy specified in Section 11.3.2 of Fajardo, et in Section 11.3.2 of Fajardo, et al. [RFC6733] for the following
al. [RFC6733] for the following Result-Code: Result-Code:
DIAMETER_ERROR_EAP_CODE_UNKNOWN (code: TBD4) DIAMETER_ERROR_EAP_CODE_UNKNOWN (code: 5048)
This result-code value is defined in Section 9. This Result-Code value is defined in Section 9.
11. Security Considerations 11. Security Considerations
The security considerations from the following documents apply here: The security considerations from the following documents apply here:
o Eronen, et al. [RFC4072] o Eronen, et al. [RFC4072]
o Salowey, et al. [RFC5295] o Salowey, et al. [RFC5295]
o Cao, et al. [RFC6696] o Cao, et al. [RFC6696]
o Fajardo, et al. [RFC6733] o Fajardo, et al. [RFC6733]
o Zorn, et al. [RFC6734] o Zorn, et al. [RFC6734]
Because this application involves the transmission of sensitive data, Because this application involves the transmission of sensitive data,
including cryptographic keys, it MUST be protected using Transport including cryptographic keys, it MUST be protected using Transport
Layer Security (TLS) [RFC5246], Datagram Transport Layer Security Layer Security (TLS) [RFC5246], Datagram Transport Layer Security
(DTLS) [RFC6347] or IP Encapsulating Security Payload (ESP) (DTLS) [RFC6347], or IP Encapsulating Security Payload (ESP)
[RFC4303]. If TLS or DTLS is used, the bulk encryption algorithm [RFC4303]. If TLS or DTLS is used, the bulk encryption algorithm
negotiated MUST be non-null. If ESP is used, the encryption negotiated MUST be non-null. If ESP is used, the encryption
algorithm MUST be non-null. algorithm MUST be non-null.
12. Contributors 12. Contributors
Hannes Tschofenig wrote the initial draft of this document. Hannes Tschofenig wrote the initial draft of this document.
Lakshminath Dondeti contributed to the early versions of the Lakshminath Dondeti contributed to the early drafts of the document.
document.
13. Acknowledgements 13. Acknowledgements
Hannes Tschofenig, Zhen Cao, Benoit Claise, Elwyn Davies, Menachem Hannes Tschofenig, Zhen Cao, Benoit Claise, Elwyn Davies, Menachem
Dodge, Vincent Roca, Stephen Farrell, Sean Turner, Pete Resnick, Russ Dodge, Vincent Roca, Stephen Farrell, Sean Turner, Pete Resnick, Russ
Housley, Martin Stiemerling and Jouni Korhonen provided useful Housley, Martin Stiemerling, and Jouni Korhonen provided useful
reviews. reviews.
Vidya Narayanan reviewed a rough draft version of the document and Vidya Narayanan reviewed a rough draft version of the document and
found some errors. found some errors.
Many thanks to these people! Many thanks to these people!
14. References 14. References
14.1. Normative References 14.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC3748] Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J., and [RFC3748] Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J., and H.
H. Levkowetz, "Extensible Authentication Protocol Levkowetz, "Extensible Authentication Protocol (EAP)",
(EAP)", RFC 3748, June 2004. RFC 3748, June 2004.
[RFC4072] Eronen, P., Hiller, T., and G. Zorn, "Diameter [RFC4072] Eronen, P., Hiller, T., and G. Zorn, "Diameter Extensible
Extensible Authentication Protocol (EAP) Application", Authentication Protocol (EAP) Application", RFC 4072,
RFC 4072, August 2005. August 2005.
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", BCP 26, RFC 5226, IANA Considerations Section in RFCs", BCP 26, RFC 5226,
May 2008. May 2008.
[RFC5295] Salowey, J., Dondeti, L., Narayanan, V., and M. [RFC5295] Salowey, J., Dondeti, L., Narayanan, V., and M. Nakhjiri,
Nakhjiri, "Specification for the Derivation of Root Keys "Specification for the Derivation of Root Keys from an
from an Extended Master Session Key (EMSK)", RFC 5295, Extended Master Session Key (EMSK)", RFC 5295, August
August 2008. 2008.
[RFC6696] Cao, Z., He, B., Shi, Y., Wu, Q., and G. Zorn, "EAP [RFC6696] Cao, Z., He, B., Shi, Y., Wu, Q., and G. Zorn, "EAP
Extensions for the EAP Re-authentication Protocol Extensions for the EAP Re-authentication Protocol (ERP)",
(ERP)", RFC 6696, July 2012. RFC 6696, July 2012.
[RFC6733] Fajardo, V., Arkko, J., Loughney, J., and G. Zorn, [RFC6733] Fajardo, V., Arkko, J., Loughney, J., and G. Zorn,
"Diameter Base Protocol", RFC 6733, October 2012. "Diameter Base Protocol", RFC 6733, October 2012.
[RFC6734] Zorn, G., Wu, Q., and V. Cakulev, "Diameter Attribute- [RFC6734] Zorn, G., Wu, Q., and V. Cakulev, "Diameter Attribute-
Value Pairs for Cryptographic Key Transport", RFC 6734, Value Pairs for Cryptographic Key Transport", RFC 6734,
October 2012. October 2012.
14.2. Informative References 14.2. Informative References
[AAAPARAMS] Internet Assigned Numbers Authority, "Authentication, [AAAPARAMS] Internet Assigned Numbers Authority, "Authentication,
Authorization, and Accounting (AAA) Parameters", Authorization, and Accounting (AAA) Parameters",
http://www.iana.org/assignments/aaa-parameters/. <http://www.iana.org/assignments/aaa-parameters/>.
[RFC3588] Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J. [RFC3588] Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J.
Arkko, "Diameter Base Protocol", RFC 3588, Arkko, "Diameter Base Protocol", RFC 3588, September
September 2003. 2003.
[RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)", [RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)", RFC
RFC 4303, December 2005. 4303, December 2005.
[RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security
Security (TLS) Protocol Version 1.2", RFC 5246, (TLS) Protocol Version 1.2", RFC 5246, August 2008.
August 2008.
[RFC6347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer [RFC6347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer
Security Version 1.2", RFC 6347, January 2012. Security Version 1.2", RFC 6347, January 2012.
Authors' Addresses Authors' Addresses
Julien Bournelle Julien Bournelle
Orange Labs Orange Labs
38-40 rue du general Leclerc 38-40 rue du general Leclerc
Issy-Les-Moulineaux 92794 Issy-Les-Moulineaux 92794
France France
EMail: julien.bournelle@orange-ftgroup.com EMail: julien.bournelle@orange.com
Lionel Morand Lionel Morand
Orange Labs Orange Labs
38-40 rue du general Leclerc 38-40 rue du general Leclerc
Issy-Les-Moulineaux 92794 Issy-Les-Moulineaux 92794
France France
EMail: lionel.morand@orange.com EMail: lionel.morand@orange.com
Sebastien Decugis Sebastien Decugis
INSIDE Secure INSIDE Secure
41 Parc Club du Golf 41 Parc Club du Golf
Aix-en-Provence 13856 Aix-en-Provence 13856
France France
Phone: +33 (0)4 42 39 63 00 Phone: +33 (0)4 42 39 63 00
EMail: sdecugis@freediameter.net EMail: sdecugis@freediameter.net
Qin Wu Qin Wu
skipping to change at page 17, line 14 skipping to change at page 18, line 33
Sebastien Decugis Sebastien Decugis
INSIDE Secure INSIDE Secure
41 Parc Club du Golf 41 Parc Club du Golf
Aix-en-Provence 13856 Aix-en-Provence 13856
France France
Phone: +33 (0)4 42 39 63 00 Phone: +33 (0)4 42 39 63 00
EMail: sdecugis@freediameter.net EMail: sdecugis@freediameter.net
Qin Wu Qin Wu
Huawei Technologies Co., Ltd Huawei Technologies Co., Ltd.
Site B, Floor 12F, Huihong Mansion, No.91 Baixia Rd. 101 Software Avenue, Yuhua District
Nanjing 210001 Nanjing, JiangSu 210012
China China
EMail: sunseawq@huawei.com EMail: sunseawq@huawei.com
Glen Zorn Glen Zorn
Network Zen Network Zen
227/358 Thanon Sanphawut 227/358 Thanon Sanphawut
Bang Na, Bangkok 10260 Bang Na, Bangkok 10260
Thailand Thailand
 End of changes. 101 change blocks. 
234 lines changed or deleted 231 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/