draft-ietf-hokey-erp-aak-01.txt   draft-ietf-hokey-erp-aak-02.txt 
Network Working Group Z. Cao Network Working Group Z. Cao
Internet-Draft H. Deng Internet-Draft H. Deng
Intended status: Standards Track China Mobile Intended status: Standards Track China Mobile
Expires: October 29, 2010 Y. Wang Expires: November 12, 2010 Y. Wang
Q. Wu Q. Wu
Huawei Technologies Co., Ltd. Huawei Technologies Co., Ltd.
G. Zorn, Ed. G. Zorn, Ed.
Network Zen Network Zen
April 27, 2010 May 11, 2010
EAP Re-authentication Protocol Extensions for Authenticated Anticipatory EAP Re-authentication Protocol Extensions for Authenticated Anticipatory
Keying (ERP/AAK) Keying (ERP/AAK)
draft-ietf-hokey-erp-aak-01 draft-ietf-hokey-erp-aak-02
Abstract Abstract
The Extensible Authentication Protocol (EAP) is a generic framework The Extensible Authentication Protocol (EAP) is a generic framework
supporting multiple types of authentication methods. supporting multiple types of authentication methods.
The EAP Re-authentication Protocol (ERP) specifies extensions to EAP The EAP Re-authentication Protocol (ERP) specifies extensions to EAP
and the EAP keying hierarchy to support an EAP method-independent and the EAP keying hierarchy to support an EAP method-independent
protocol for efficient re-authentication between the peer and an EAP protocol for efficient re-authentication between the peer and an EAP
re-authentication server through any authenticator. re-authentication server through any authenticator.
skipping to change at page 2, line 4 skipping to change at page 2, line 4
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 29, 2010. This Internet-Draft will expire on November 12, 2010.
Copyright Notice Copyright Notice
Copyright (c) 2010 IETF Trust and the persons identified as the Copyright (c) 2010 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 35 skipping to change at page 2, line 35
2.1. Standards Language . . . . . . . . . . . . . . . . . . . . 3 2.1. Standards Language . . . . . . . . . . . . . . . . . . . . 3
2.2. Acronyms . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.2. Acronyms . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. ERP/AAK Overview . . . . . . . . . . . . . . . . . . . . . . . 4 3. ERP/AAK Overview . . . . . . . . . . . . . . . . . . . . . . . 4
4. ERP/AAK Key Hierarchy . . . . . . . . . . . . . . . . . . . . 5 4. ERP/AAK Key Hierarchy . . . . . . . . . . . . . . . . . . . . 5
5. Packet and TLV Extension . . . . . . . . . . . . . . . . . . . 6 5. Packet and TLV Extension . . . . . . . . . . . . . . . . . . . 6
5.1. EAP-Initiate/Re-auth-Start Packet Extension . . . . . . . 6 5.1. EAP-Initiate/Re-auth-Start Packet Extension . . . . . . . 6
5.2. EAP-Initiate/Re-auth Packet Extension . . . . . . . . . . 7 5.2. EAP-Initiate/Re-auth Packet Extension . . . . . . . . . . 7
5.3. EAP-Finish/Re-auth extension . . . . . . . . . . . . . . . 9 5.3. EAP-Finish/Re-auth extension . . . . . . . . . . . . . . . 9
5.4. TV/TLV and sub-TLV Attributes . . . . . . . . . . . . . . 11 5.4. TV/TLV and sub-TLV Attributes . . . . . . . . . . . . . . 11
6. Lower Layer Considerations . . . . . . . . . . . . . . . . . . 11 6. Lower Layer Considerations . . . . . . . . . . . . . . . . . . 11
7. AAA Transport Consideration . . . . . . . . . . . . . . . . . 11 7. AAA Transport Considerations . . . . . . . . . . . . . . . . . 11
8. Security Considerations . . . . . . . . . . . . . . . . . . . 11 8. Security Considerations . . . . . . . . . . . . . . . . . . . 11
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12
10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 12 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 12
10.1. Normative References . . . . . . . . . . . . . . . . . . . 12 10.1. Normative References . . . . . . . . . . . . . . . . . . . 12
10.2. Informative References . . . . . . . . . . . . . . . . . . 12 10.2. Informative References . . . . . . . . . . . . . . . . . . 12
1. Introduction 1. Introduction
The Extensible Authentication Protocol (EAP) [RFC3748] is a generic The Extensible Authentication Protocol (EAP) [RFC3748] is a generic
framework supporting multiple types of authentication methods. In framework supporting multiple types of authentication methods. In
skipping to change at page 11, line 37 skipping to change at page 11, line 37
TBD. TBD.
pMSK Lifetime: This is a TV payload. The type of this sub-TLV is pMSK Lifetime: This is a TV payload. The type of this sub-TLV is
TBD. TBD.
List of Cryptosuites: This is a TLV payload. The type of this List of Cryptosuites: This is a TLV payload. The type of this
sub-TLV is TBD. sub-TLV is TBD.
6. Lower Layer Considerations 6. Lower Layer Considerations
Similar to ERP, the lower layer specifications may need to be revised Similar to ERP, some lower layer specifications may need to be
to support ERP/AAK. Refer to section 6 of [RFC5296] for additional revised to support ERP/AAK; refer to section 6 of [RFC5296] for
guidance. additional guidance.
7. AAA Transport Consideration 7. AAA Transport Considerations
AAA transport of ERP/AAK message is the same as AAA transport of the AAA transport of ERP/AAK messages is the same as AAA transport of the
ERP message [RFC5296]. In addition, the document requires AAA ERP message [RFC5296]. In addition, the document requires AAA
transport of the ERP/AAK keying materials delivered by the ERP/AAK transport of the ERP/AAK keying materials delivered by the ERP/AAK
server to the CAP. Hence, a new Diameter ERP/AAK application message server to the CAP. Hence, a new Diameter ERP/AAK application message
should be specified to transport the keying materials. should be specified to transport the keying materials.
8. Security Considerations 8. Security Considerations
TBD. TBD.
9. IANA Considerations 9. IANA Considerations
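Review bot: Section 8 still reads "TBD." in -02, even though Section 7, reworded in this same revision, requires AAA transport of ERP/AAK keying materials from the ERP/AAK server to the CAP. Before the Diameter message is defined, the Security Considerations should at least state how that key transport is protected and which entities are allowed to receive the keys. In Section 7, the first sentence now says "ERP/AAK messages" but still compares against "the ERP message [RFC5296]", which should be plural too. Since Section 2.1 declares standards language, "should be specified" needs to be either an explicit normative SHOULD or reworded (for example "needs to be specified").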
skipping to change at page 12, line 43 skipping to change at page 12, line 43
[RFC5296] Narayanan, V. and L. Dondeti, "EAP [RFC5296] Narayanan, V. and L. Dondeti, "EAP
Extensions for EAP Re-authentication Extensions for EAP Re-authentication
Protocol (ERP)", RFC 5296, Protocol (ERP)", RFC 5296,
August 2008. August 2008.
10.2. Informative References 10.2. Informative References
[I-D.ietf-dime-local-keytran] Zorn, G., Wu, W., and V. Cakulev, [I-D.ietf-dime-local-keytran] Zorn, G., Wu, W., and V. Cakulev,
"Diameter Attribute-Value Pairs for "Diameter Attribute-Value Pairs for
Cryptographic Key Transport", Cryptographic Key Transport",
draft-ietf-dime-local-keytran-02 (work draft-ietf-dime-local-keytran-03 (work
in progress), March 2010. in progress), May 2010.
[RFC3588] Calhoun, P., Loughney, J., Guttman, [RFC3588] Calhoun, P., Loughney, J., Guttman,
E., Zorn, G., and J. Arkko, "Diameter E., Zorn, G., and J. Arkko, "Diameter
Base Protocol", RFC 3588, Base Protocol", RFC 3588,
September 2003. September 2003.
[RFC3748] Aboba, B., Blunk, L., Vollbrecht, J., [RFC3748] Aboba, B., Blunk, L., Vollbrecht, J.,
Carlson, J., and H. Levkowetz, Carlson, J., and H. Levkowetz,
"Extensible Authentication Protocol "Extensible Authentication Protocol
(EAP)", RFC 3748, June 2004. (EAP)", RFC 3748, June 2004.
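Review bot: in the [I-D.ietf-dime-local-keytran] entry, the version and date are bumped to -03 and May 2010, but the author list "Zorn, G., Wu, W., and V. Cakulev" is carried over unchanged. This draft's own header lists Q. Wu, so check the initial against the referenced draft. Separately, the Section 7 text shown in this diff calls for a new Diameter message to transport keying materials without citing anything; if this key-transport draft is the intended basis, cite it in Section 7 so the reference is anchored to the requirement it supports.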
 End of changes. 9 change blocks. 
12 lines changed or deleted 12 lines changed or added
