--- 1/draft-ietf-hokey-erp-aak-01.txt 2010-05-11 09:11:55.000000000 +0200 +++ 2/draft-ietf-hokey-erp-aak-02.txt 2010-05-11 09:11:55.000000000 +0200 @@ -1,24 +1,24 @@ Network Working Group Z. Cao Internet-Draft H. Deng Intended status: Standards Track China Mobile -Expires: October 29, 2010 Y. Wang +Expires: November 12, 2010 Y. Wang Q. Wu Huawei Technologies Co., Ltd. G. Zorn, Ed. Network Zen - April 27, 2010 + May 11, 2010 EAP Re-authentication Protocol Extensions for Authenticated Anticipatory Keying (ERP/AAK) - draft-ietf-hokey-erp-aak-01 + draft-ietf-hokey-erp-aak-02 Abstract The Extensible Authentication Protocol (EAP) is a generic framework supporting multiple types of authentication methods. The EAP Re-authentication Protocol (ERP) specifies extensions to EAP and the EAP keying hierarchy to support an EAP method-independent protocol for efficient re-authentication between the peer and an EAP re-authentication server through any authenticator. @@ -38,21 +38,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on October 29, 2010. + This Internet-Draft will expire on November 12, 2010. Copyright Notice Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents 
@@ -69,21 +69,21 @@ 2.1. Standards Language . . . . . . . . . . . . . . . . . . . . 3 2.2. Acronyms . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. ERP/AAK Overview . . . . . . . . . . . . . . . . . . . . . . . 4 4. ERP/AAK Key Hierarchy . . . . . . . . . . . . . . . . . . . . 5 5. Packet and TLV Extension . . . . . . . . . . . . . . . . . . . 6 5.1. EAP-Initiate/Re-auth-Start Packet Extension . . . . . . . 6 5.2. EAP-Initiate/Re-auth Packet Extension . . . . . . . . . . 7 5.3. EAP-Finish/Re-auth extension . . . . . . . . . . . . . . . 9 5.4. TV/TLV and sub-TLV Attributes . . . . . . . . . . . . . . 11 6. Lower Layer Considerations . . . . . . . . . . . . . . . . . . 11 - 7. AAA Transport Consideration . . . . . . . . . . . . . . . . . 11 + 7. AAA Transport Considerations . . . . . . . . . . . . . . . . . 11 8. Security Considerations . . . . . . . . . . . . . . . . . . . 11 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 12 10.1. Normative References . . . . . . . . . . . . . . . . . . . 12 10.2. Informative References . . . . . . . . . . . . . . . . . . 12 1. Introduction The Extensible Authentication Protocol (EAP) [RFC3748] is a generic framework supporting multiple types of authentication methods. In 
@@ -480,27 +480,27 @@ TBD. pMSK Lifetime: This is a TV payload. The type of this sub-TLV is TBD. List of Cryptosuites: This is a TLV payload. The type of this sub-TLV is TBD. 6. Lower Layer Considerations - Similar to ERP, the lower layer specifications may need to be revised - to support ERP/AAK. Refer to section 6 of [RFC5296] for additional - guidance. + Similar to ERP, some lower layer specifications may need to be + revised to support ERP/AAK; refer to section 6 of [RFC5296] for + additional guidance. -7. AAA Transport Consideration +7. AAA Transport Considerations - AAA transport of ERP/AAK message is the same as AAA transport of the + AAA transport of ERP/AAK messages is the same as AAA transport of the ERP message [RFC5296]. In addition, the document requires AAA transport of the ERP/AAK keying materials delivered by the ERP/AAK server to the CAP. Hence, a new Diameter ERP/AAK application message should be specified to transport the keying materials. 8. Security Considerations TBD. 9. IANA Considerations @@ -534,22 +534,22 @@ [RFC5296] Narayanan, V. and L. Dondeti, "EAP Extensions for EAP Re-authentication Protocol (ERP)", RFC 5296, August 2008. 10.2. Informative References [I-D.ietf-dime-local-keytran] Zorn, G., Wu, W., and V. Cakulev, "Diameter Attribute-Value Pairs for Cryptographic Key Transport", - draft-ietf-dime-local-keytran-02 (work - in progress), March 2010. + draft-ietf-dime-local-keytran-03 (work + in progress), May 2010. [RFC3588] Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J. Arkko, "Diameter Base Protocol", RFC 3588, September 2003. [RFC3748] Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J., and H. Levkowetz, "Extensible Authentication Protocol (EAP)", RFC 3748, June 2004.
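Review bot: In the table-of-contents hunk (@@ -69,21), the entry "5.3. EAP-Finish/Re-auth extension" is still styled differently from 5.1 and 5.2, which both end in "Packet Extension". Since this revision already touches heading wording for section 7, align 5.3 as well, for example "EAP-Finish/Re-auth Packet Extension", and keep the body heading in sync with the TOC.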
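Review bot: Section 8 in the @@ -480,27 hunk is still "TBD." even though section 7 has the ERP/AAK server delivering keying materials to the CAP over AAA; the security considerations need text on how that key transport is protected before this advances. Two smaller points in section 7: the revised sentence now says "ERP/AAK messages" but still compares against "the ERP message [RFC5296]" in the singular, and "should be specified" is lowercase, so it is unclear whether a normative SHOULD under section 2.1 (Standards Language) is intended. The sub-TLV types for pMSK Lifetime and List of Cryptosuites are also still "TBD" and will need values or an IANA request.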
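Review bot: In the [I-D.ietf-dime-local-keytran] entry of the @@ -534,22 hunk, the author list reads "Wu, W." while the front page of this draft lists "Q. Wu"; if this is the same author, correct the initial while the entry is being bumped to -03. The version and date were updated together, which is consistent.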