draft-ietf-pana-statemachine-06.txt | draft-ietf-pana-statemachine-07.txt | |||
---|---|---|---|---|
PANA Working Group V. Fajardo, Ed. | PANA Working Group V. Fajardo, Ed. | |||
Internet-Draft Y. Ohba | Internet-Draft Y. Ohba | |||
Expires: April 3, 2008 TARI | Expires: April 25, 2009 TARI | |||
R. Lopez | R. Lopez | |||
Univ. of Murcia | Univ. of Murcia | |||
October 1, 2007 | October 22, 2008 | |||
State Machines for Protocol for Carrying Authentication for Network | State Machines for Protocol for Carrying Authentication for Network | |||
Access (PANA) | Access (PANA) | |||
draft-ietf-pana-statemachine-06 | draft-ietf-pana-statemachine-07 | |||
Status of this Memo | Status of this Memo | |||
By submitting this Internet-Draft, each author represents that any | By submitting this Internet-Draft, each author represents that any | |||
applicable patent or other IPR claims of which he or she is aware | applicable patent or other IPR claims of which he or she is aware | |||
have been or will be disclosed, and any of which he or she becomes | have been or will be disclosed, and any of which he or she becomes | |||
aware will be disclosed, in accordance with Section 6 of BCP 79. | aware will be disclosed, in accordance with Section 6 of BCP 79. | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF), its areas, and its working groups. Note that | Task Force (IETF), its areas, and its working groups. Note that | |||
skipping to change at page 1, line 37 | skipping to change at page 1, line 37 | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
The list of current Internet-Drafts can be accessed at | The list of current Internet-Drafts can be accessed at | |||
http://www.ietf.org/ietf/1id-abstracts.txt. | http://www.ietf.org/ietf/1id-abstracts.txt. | |||
The list of Internet-Draft Shadow Directories can be accessed at | The list of Internet-Draft Shadow Directories can be accessed at | |||
http://www.ietf.org/shadow.html. | http://www.ietf.org/shadow.html. | |||
This Internet-Draft will expire on April 3, 2008. | This Internet-Draft will expire on April 25, 2009. | |||
Copyright Notice | ||||
Copyright (C) The IETF Trust (2007). | ||||
Abstract | Abstract | |||
This document defines the conceptual state machines for the Protocol | This document defines the conceptual state machines for the Protocol | |||
for Carrying Authentication for Network Access (PANA). The state | for Carrying Authentication for Network Access (PANA). The state | |||
machines consist of the PANA Client (PaC) state machine and the PANA | machines consist of the PANA Client (PaC) state machine and the PANA | |||
Authentication Agent (PAA) state machine. The two state machines | Authentication Agent (PAA) state machine. The two state machines | |||
show how PANA can interface with the EAP state machines. The state | show how PANA can interface with the EAP state machines. The state | |||
machines and associated model are informative only. Implementations | machines and associated model are informative only. Implementations | |||
may achieve the same results using different methods. | may achieve the same results using different methods. | |||
skipping to change at page 4, line 8 | skipping to change at page 4, line 8 | |||
11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 34 | 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 34 | |||
12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 35 | 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 35 | |||
12.1. Normative References . . . . . . . . . . . . . . . . . . . 35 | 12.1. Normative References . . . . . . . . . . . . . . . . . . . 35 | |||
12.2. Informative References . . . . . . . . . . . . . . . . . . 35 | 12.2. Informative References . . . . . . . . . . . . . . . . . . 35 | |||
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 36 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 36 | |||
Intellectual Property and Copyright Statements . . . . . . . . . . 37 | Intellectual Property and Copyright Statements . . . . . . . . . . 37 | |||
1. Introduction | 1. Introduction | |||
This document defines the state machines for Protocol Carrying | This document defines the state machines for Protocol Carrying | |||
Authentication for Network Access (PANA) [I-D.ietf-pana-pana]. There | Authentication for Network Access (PANA) [RFC5191]. There are state | |||
are state machines for the PANA client (PaC) and for the PANA | machines for the PANA client (PaC) and for the PANA Authentication | |||
Authentication Agent (PAA). Each state machine is specified through | Agent (PAA). Each state machine is specified through a set of | |||
a set of variables, procedures and a state transition table. | variables, procedures and a state transition table. | |||
A PANA protocol execution consists of several exchanges to carry | A PANA protocol execution consists of several exchanges to carry | |||
authentication information. Specifically, EAP PDUs are transported | authentication information. Specifically, EAP PDUs are transported | |||
inside PANA PDUs between PaC and PAA, that is PANA represents a lower | inside PANA PDUs between PaC and PAA, that is PANA represents a lower | |||
layer for EAP protocol. Thus, a PANA state machine bases its | layer for EAP protocol. Thus, a PANA state machine bases its | |||
execution on an EAP state machine execution and vice versa. Thus | execution on an EAP state machine execution and vice versa. Thus | |||
this document also shows for each of PaC and PAA an interface between | this document also shows for each of PaC and PAA an interface between | |||
an EAP state machine and a PANA state machine and how this interface | an EAP state machine and a PANA state machine and how this interface | |||
allows to exchange information between them. Thanks to this | allows to exchange information between them. Thanks to this | |||
interface, a PANA state machine can be informed about several events | interface, a PANA state machine can be informed about several events | |||
skipping to change at page 7, line 8 | skipping to change at page 7, line 8 | |||
machine in [RFC4137] are referred to as the EAP authenticator and the | machine in [RFC4137] are referred to as the EAP authenticator and the | |||
EAP authenticator state machine, respectively, in this document. If | EAP authenticator state machine, respectively, in this document. If | |||
an EAP peer and an EAP authenticator follow the state machines | an EAP peer and an EAP authenticator follow the state machines | |||
defined in [RFC4137], the interfaces between PANA and EAP could be | defined in [RFC4137], the interfaces between PANA and EAP could be | |||
based on that document. Detailed definition of interfaces between | based on that document. Detailed definition of interfaces between | |||
PANA and EAP are described in the subsequent sections. | PANA and EAP are described in the subsequent sections. | |||
3. Document Authority | 3. Document Authority | |||
When a discrepancy occurs between any part of this document and any | When a discrepancy occurs between any part of this document and any | |||
of the related documents ([I-D.ietf-pana-pana], | of the related documents ([RFC5191], [RFC4137] the latter (the other | |||
[I-D.ietf-pana-mobopts], [RFC4137] the latter (the other documents) | documents) are considered authoritative and takes precedence. | |||
are considered authoritative and takes precedence. | ||||
4. Notations | 4. Notations | |||
The following state transition tables are completed mostly based on | The following state transition tables are completed mostly based on | |||
the conventions specified in [RFC4137]. The complete text is | the conventions specified in [RFC4137]. The complete text is | |||
described below. | described below. | |||
State transition tables are used to represent the operation of the | State transition tables are used to represent the operation of the | |||
protocol by a number of cooperating state machines each comprising a | protocol by a number of cooperating state machines each comprising a | |||
group of connected, mutually exclusive states. Only one state of | group of connected, mutually exclusive states. Only one state of | |||
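Review bot: In Section 3 the -07 text still leaves the parenthetical unclosed: "([RFC5191], [RFC4137] the latter (the other documents)" has no ")" after "[RFC4137]", and "are considered authoritative and takes precedence" mixes plural and singular. Since this sentence decides which specification an implementer follows on a conflict, suggest closing the list and fixing the verb while the line is being edited anyway, e.g. "([RFC5191], [RFC4137]), the latter (the other documents) are considered authoritative and take precedence."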
skipping to change at page 14, line 33 | skipping to change at page 14, line 33 | |||
o Other message header flags are not set. They are set explicitly | o Other message header flags are not set. They are set explicitly | |||
by specific state machine actions. | by specific state machine actions. | |||
o AVPs that are mandatory included in a message are inserted with | o AVPs that are mandatory included in a message are inserted with | |||
appropriate values set. | appropriate values set. | |||
5.5. Common Retransmition Rules | 5.5. Common Retransmition Rules | |||
The state machines defined in this document assumes that the PaC and | The state machines defined in this document assumes that the PaC and | |||
the PAA caches the last transmitted answer message. This scheme is | the PAA caches the last transmitted answer message. This scheme is | |||
described in Sec 5.2 of [I-D.ietf-pana-pana]. When the PaC or PAA | described in Sec 5.2 of [RFC5191]. When the PaC or PAA receives a | |||
receives a re-transmitted or duplicate request, it would be able to | re-transmitted or duplicate request, it would be able to re-send the | |||
re-send the corresponding answer without any aid from the EAP layer. | corresponding answer without any aid from the EAP layer. However, to | |||
However, to simplify the state machine description, this caching | simplify the state machine description, this caching scheme is | |||
scheme is omitted in the state machines below. In the case that | omitted in the state machines below. In the case that there is not | |||
there is not corresponding answer to a re-transmitted request, the | corresponding answer to a re-transmitted request, the request will be | |||
request will be handled by the corresponding statemachine. | handled by the corresponding statemachine. | |||
5.6. Common State Transitions | 5.6. Common State Transitions | |||
The following transitions can occur at any state with exemptions | The following transitions can occur at any state with exemptions | |||
explicitly noted. | explicitly noted. | |||
---------- | ---------- | |||
State: ANY | State: ANY | |||
---------- | ---------- | |||
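Review bot: Section 5.5 was reflowed for the [RFC5191] citation, but the wording defects were carried over unchanged: the heading still reads "Retransmition", "there is not corresponding answer" should be "there is no corresponding answer", and "statemachine" should be "state machine". The section number "Sec 5.2" was also kept as-is while the citation moved from draft-ietf-pana-pana-18 to the published RFC, so it is worth confirming that it still points at the answer-caching text.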
skipping to change at page 35, line 9 | skipping to change at page 35, line 9 | |||
11. Acknowledgments | 11. Acknowledgments | |||
This work was started from state machines originally made by Dan | This work was started from state machines originally made by Dan | |||
Forsberg. | Forsberg. | |||
12. References | 12. References | |||
12.1. Normative References | 12.1. Normative References | |||
[I-D.ietf-pana-pana] | [RFC5191] Forsberg, D., Ohba, Y., Patil, B., Tschofenig, H., and A. | |||
Forsberg, D., Ohba, Y., Patil, B., Tschofenig, H., and A. | ||||
Yegin, "Protocol for Carrying Authentication for Network | Yegin, "Protocol for Carrying Authentication for Network | |||
Access (PANA)", draft-ietf-pana-pana-18 (work in | Access (PANA)", RFC 5191, May 2008. | |||
progress), September 2007. | ||||
[I-D.ietf-pana-mobopts] | ||||
Forsberg, D., "PANA Mobility Optimizations", | ||||
draft-ietf-pana-mobopts-01 (work in progress), | ||||
October 2005. | ||||
12.2. Informative References | 12.2. Informative References | |||
[RFC4137] Vollbrecht, J., Eronen, P., Petroni, N., and Y. Ohba, | [RFC4137] Vollbrecht, J., Eronen, P., Petroni, N., and Y. Ohba, | |||
"State Machines for Extensible Authentication Protocol | "State Machines for Extensible Authentication Protocol | |||
(EAP) Peer and Authenticator", RFC 4137, August 2005. | (EAP) Peer and Authenticator", RFC 4137, August 2005. | |||
Authors' Addresses | Authors' Addresses | |||
Victor Fajardo (editor) | Victor Fajardo (editor) | |||
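Review bot: In 12.1, [I-D.ietf-pana-mobopts] is dropped from the Normative References, which matches its removal from Section 3, but the unchanged text outside these change blocks should be checked for any remaining citation of it, which would now dangle. Separately, Section 3 names [RFC4137] among the documents that take precedence over this one while 12.2 keeps it under Informative References; consider stating why, or reclassifying it.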
skipping to change at page 37, line 7 | skipping to change at page 37, line 7 | |||
Rafa Marin Lopez | Rafa Marin Lopez | |||
University of Murcia | University of Murcia | |||
30071 Murcia | 30071 Murcia | |||
Spain | Spain | |||
Email: rafa@dif.um.es | Email: rafa@dif.um.es | |||
Full Copyright Statement | Full Copyright Statement | |||
Copyright (C) The IETF Trust (2007). | Copyright (C) The IETF Trust (2008). | |||
This document is subject to the rights, licenses and restrictions | This document is subject to the rights, licenses and restrictions | |||
contained in BCP 78, and except as set forth therein, the authors | contained in BCP 78, and except as set forth therein, the authors | |||
retain all their rights. | retain all their rights. | |||
This document and the information contained herein are provided on an | This document and the information contained herein are provided on an | |||
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS | "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS | |||
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND | OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND | |||
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS | THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS | |||
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF | OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF | |||
skipping to change at page 37, line 44 | skipping to change at line 1307 | |||
attempt made to obtain a general license or permission for the use of | attempt made to obtain a general license or permission for the use of | |||
such proprietary rights by implementers or users of this | such proprietary rights by implementers or users of this | |||
specification can be obtained from the IETF on-line IPR repository at | specification can be obtained from the IETF on-line IPR repository at | |||
http://www.ietf.org/ipr. | http://www.ietf.org/ipr. | |||
The IETF invites any interested party to bring to its attention any | The IETF invites any interested party to bring to its attention any | |||
copyrights, patents or patent applications, or other proprietary | copyrights, patents or patent applications, or other proprietary | |||
rights that may cover technology that may be required to implement | rights that may cover technology that may be required to implement | |||
this standard. Please address the information to the IETF at | this standard. Please address the information to the IETF at | |||
ietf-ipr@ietf.org. | ietf-ipr@ietf.org. | |||
Acknowledgment | ||||
Funding for the RFC Editor function is provided by the IETF | ||||
Administrative Support Activity (IASA). | ||||
End of changes. 11 change blocks. | ||||
32 lines changed or deleted | 20 lines changed or added | |||
This html diff was produced by rfcdiff 1.35. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ |