draft-ietf-hokey-rfc5296bis-03.txt   draft-ietf-hokey-rfc5296bis-04.txt 
Network Working Group Q. Wu, Ed. Network Working Group Q. Wu, Ed.
Internet-Draft Huawei Internet-Draft Huawei
Obsoletes: 5296 (if approved) Z. Cao Obsoletes: 5296 (if approved) Z. Cao
Intended status: Standards Track China Mobile Intended status: Standards Track China Mobile
Expires: December 2, 2011 Y. Shi Expires: January 12, 2012 Y. Shi
H3C H3C
B. He B. He
CATR CATR
May 31, 2011 July 11, 2011
EAP Extensions for EAP Re-authentication Protocol (ERP) EAP Extensions for EAP Re-authentication Protocol (ERP)
draft-ietf-hokey-rfc5296bis-03 draft-ietf-hokey-rfc5296bis-04
Abstract Abstract
The Extensible Authentication Protocol (EAP) is a generic framework The Extensible Authentication Protocol (EAP) is a generic framework
supporting multiple types of authentication methods. In systems supporting multiple types of authentication methods. In systems
where EAP is used for authentication, it is desirable to not repeat where EAP is used for authentication, it is desirable to not repeat
the entire EAP exchange with another authenticator. This document the entire EAP exchange with another authenticator. This document
specifies extensions to EAP and the EAP keying hierarchy to support specifies extensions to EAP and the EAP keying hierarchy to support
an EAP method-independent protocol for efficient re-authentication an EAP method-independent protocol for efficient re-authentication
between the peer and an EAP re-authentication server through any between the peer and an EAP re-authentication server through any
skipping to change at page 1, line 43 skipping to change at page 1, line 43
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on December 2, 2011. This Internet-Draft will expire on January 12, 2012.
Copyright Notice Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 28, line 27 skipping to change at page 28, line 27
TVs or TLVs: In the TV payloads, there is a 1-octet type payload TVs or TLVs: In the TV payloads, there is a 1-octet type payload
and a value with type-specific length. In the TLV payloads, there and a value with type-specific length. In the TLV payloads, there
is a 1-octet type payload and a 1-octet length payload. The is a 1-octet type payload and a 1-octet length payload. The
length field indicates the length of the value expressed in number length field indicates the length of the value expressed in number
of octets. of octets.
keyName-NAI: This is carried in a TLV payload. The Type is 1. keyName-NAI: This is carried in a TLV payload. The Type is 1.
The NAI is variable in length, not exceeding 253 octets. The The NAI is variable in length, not exceeding 253 octets. The
EMSKname is in the username part of the NAI and is encoded in EMSKname is in the username part of the NAI and is encoded in
hexadecimal values. The EMSKname is 64 bits in length and so hexadecimal values. The EMSKname is 64 bits in length and so
the username portion takes up 128 octets. If the rIK is the username portion takes up 16 octets. If the rIK is derived
derived from the EMSK, the realm part of the NAI is the home from the EMSK, the realm part of the NAI is the home domain
domain name, and if the rIK is derived from a DSRK, the realm name, and if the rIK is derived from a DSRK, the realm part of
part of the NAI is the domain name used in the derivation of the NAI is the domain name used in the derivation of the DSRK.
the DSRK. The NAI syntax follows [RFC4282]. Exactly one The NAI syntax follows [RFC4282]. Exactly one keyName-NAI
keyName-NAI attribute SHALL be present in an EAP-Initiate/ attribute SHALL be present in an EAP-Initiate/Re-auth packet.
Re-auth packet.
In addition, channel binding information MAY be included; see In addition, channel binding information MAY be included; see
Section 5.5 for discussion. See Figure 12 for parameter Section 5.5 for discussion. See Figure 12 for parameter
specification. specification.
Cryptosuite: This field indicates the integrity algorithm used for Cryptosuite: This field indicates the integrity algorithm used for
ERP. Key lengths and output lengths are either indicated or are ERP. Key lengths and output lengths are either indicated or are
obvious from the cryptosuite name. We specify some cryptosuites obvious from the cryptosuite name. We specify some cryptosuites
below: below:
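Review bot: In the keyName-NAI paragraph, the corrected sentence "the username portion takes up 16 octets" still leaves the encoding rule implicit, so a reader has to infer why a 64-bit value occupies 16 octets. The arithmetic is now right (64 bits is 8 octets, and each octet becomes two hexadecimal digits), but the text only says the EMSKname is "encoded in hexadecimal values". Suggest wording such as "encoded as 16 hexadecimal digits, one character per octet" and stating whether upper-case and lower-case digits are both acceptable, so that a receiver can check the length and character set of the username part before using it. It would also help to note that the 253-octet limit on the NAI then leaves the remainder, after the 16-octet username and the "@" separator, for the realm part.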
 End of changes. 5 change blocks. 
11 lines changed or deleted 10 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/