draft-ietf-rap-rsvp-authsession-01.txt   draft-ietf-rap-rsvp-authsession-02.txt 
RAP Working Group L-N. Hamer RAP Working Group L-N. Hamer
Internet Draft B. Gage Internet Draft B. Gage
Expires April 31, 2002 M. Broda Expires August 31, 2002 M. Broda
Nortel Networks Nortel Networks
B. Kosinski B. Kosinski
University of Alberta University of Alberta
Hugh Shieh Hugh Shieh
AT&T Wireless AT&T Wireless
November 2001 February 2002
Session Authorization for RSVP Session Authorization for RSVP
draft-ietf-rap-rsvp-authsession-01.txt draft-ietf-rap-rsvp-authsession-02.txt
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026 [1]. all provisions of Section 10 of RFC2026 [1].
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Internet-Drafts are draft documents valid for a maximum of Drafts. Internet-Drafts are draft documents valid for a maximum of
six months and may be updated, replaced, or obsoleted by other six months and may be updated, replaced, or obsoleted by other
documents at any time. It is inappropriate to use Internet-Drafts as documents at any time. It is inappropriate to use Internet-Drafts as
reference material or to cite them other than as "work in progress." reference material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet- Draft Shadow Directories can be accessed at The list of Internet- Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html http://www.ietf.org/shadow.html
The distribution of this memo is unlimited. This memo is filed as The distribution of this memo is unlimited. This memo is filed as
<draft-ietf-rap-rsvp-authsession-01.txt>, and expires April 31, <draft-ietf-rap-rsvp-authsession-02.txt>, and expires August 31,
2002. Please send comments to the authors. 2002. Please send comments to the authors.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2001). All Rights Reserved. Copyright (C) The Internet Society (2002). All Rights Reserved.
Abstract Abstract
This document describes the representation of session authorization This document describes the representation of session authorization
information in the POLICY_DATA object [POL-EXT] for supporting information in the POLICY_DATA object [POL-EXT] for supporting
policy-based per-session authorization and admission control in policy-based per-session authorization and admission control in
RSVP. The goal of session authorization is to allow the exchange RSVP. The goal of session authorization is to allow the exchange
of information between network elements in order to authorize the of information between network elements in order to authorize the
use of resources for a service and to co-ordinate actions between use of resources for a service and to co-ordinate actions between
the signaling and transport planes. This document describes how a the signaling and transport planes. This document describes how a
skipping to change at page 5, line 38 skipping to change at page 5, line 38
in section 7, IANA Considerations. Initially, the registry in section 7, IANA Considerations. Initially, the registry
contains the following sub-types of AUTH_ENT_ID: contains the following sub-types of AUTH_ENT_ID:
1 IPV4_ADDRESS IPv4 address 1 IPV4_ADDRESS IPv4 address
2 IPV6_ADDRESS IPv6 address 2 IPV6_ADDRESS IPv6 address
3 FQDN Fully Qualified Domain Name 3 FQDN Fully Qualified Domain Name
4 ASCII_DN X.500 Distinguished name as defined 4 ASCII_DN X.500 Distinguished name as defined
in RFC-1779 as an ASCII string. in RFC-2253 as an ASCII string.
5 UNICODE_DN X.500 Distinguished name as defined 5 UNICODE_DN X.500 Distinguished name as defined
in RFC-1779 as a UNICODE string. in RFC-2253 as a UNICODE string.
6 URI Universal Resource Identifier, as 6 URI Universal Resource Identifier, as
defined in RFC-2396. defined in RFC-2396.
7 KRB_PRINCIPAL Kerberos principal name as defined in 7 KRB_PRINCIPAL Kerberos principal name as defined in
RFC-1510. RFC-1510.
8 KRB_REALM Kerberos realm as defined in RFC-1510.
OctetString OctetString
Contains the authorizing entity identifier. Contains the authorizing entity identifier.
3.3.2 Authorizing Entity Credentials 3.3.2 Authorizing Entity Credentials
AUTH_ENT_CRED contains the credentials of the authorizing entity, AUTH_ENT_CRED contains the credentials of the authorizing entity,
which can then be used by the network to ensure that the entity which can then be used by the network to ensure that the entity
which generated this session authorization policy element is a which generated this session authorization policy element is a
valid trusted entity. valid trusted entity.
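Review bot: The ASCII_DN and UNICODE_DN rows now cite RFC-2253 but still say "as an ASCII string" and "as a UNICODE string", while the reference added for RFC-2253 is titled "UTF-8 String Representation of Distinguished Names". The text therefore does not say which encoding the OctetString carries for sub-type 5, or how a name containing non-ASCII characters is expressed under sub-type 4. Because this field identifies the authorizing entity, state the exact encoding for each sub-type so that two implementations compare the same octets. The new row "8 KRB_REALM" would also benefit from a sentence on when a realm alone, rather than a KRB_PRINCIPAL, is an acceptable authorizing entity identifier.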
skipping to change at page 13, line 59 skipping to change at page 13, line 59
PKI authentication option should provide highest level of PKI authentication option should provide highest level of
security and good scalability, however it requires infrastructure security and good scalability, however it requires infrastructure
support and may have performance impacts. support and may have performance impacts.
9. Acknowledgments 9. Acknowledgments
We would like to thank Francois Audet, Don Wade, Hamid Syed, We would like to thank Francois Audet, Don Wade, Hamid Syed,
Kwok Ho Chan and many others for their valuable comments. Kwok Ho Chan and many others for their valuable comments.
In addition, we would like to thank S. Yadav, et al, for their In addition, we would like to thank S. Yadav, et al, for their
efforts on RFC 2752, as this document borrows heavily from their efforts on RFC 3182, as this document borrows from their work.
work.
10. References 10. References
[I-REP] S. Yadav et al, "Identity Representation for [I-REP] S. Yadav et al, "Identity Representation for
RSVP", Internet-draft, RSVP", RFC 3182, October 2001
draft-ietf-rap-rsvp-better-identity-00.txt,
June 2001
[S-AUTH] Hamer, L-N. and Gage, B, "Framework for [S-AUTH] L-N. Hamer et al., "Framework for
session setup with media authorization", session setup with media authorization",
Internet-Draft, Internet-Draft,
draft-hamer-rap-session-auth-02.txt, draft-hamer-rap-session-auth-03.txt,
November 2001. February 2002.
[ASCII] Coded Character Set -- 7-Bit American Standard [ASCII] Coded Character Set -- 7-Bit American Standard
Code for Information Interchange, ANSI X3.4- Code for Information Interchange, ANSI X3.4-
1986. 1986.
[IANA-CONSIDERATIONS] Alvestrand, H. and T. Narten, "Guidelines for [IANA-CONSIDERATIONS] Alvestrand, H. and T. Narten, "Guidelines for
Writing an IANA Considerations Section in Writing an IANA Considerations Section in
RFCs", BCP 26, RFC 2434, October 1998. RFCs", BCP 26, RFC 2434, October 1998.
[POL-EXT] Herzog, S., "RSVP Extensions for Policy [POL-EXT] Herzog, S., "RSVP Extensions for Policy
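Review bot: In the References part of this hunk, the rewritten [S-AUTH] entry switches to "L-N. Hamer et al.", initials first and without the previously named co-author, while [IANA-CONSIDERATIONS] and [POL-EXT] in the same list use the surname-first form. The new [I-REP] line also ends at "October 2001" without the closing period the other entries carry. Suggest keeping "Hamer, L-N." in surname-first form and terminating the [I-REP] entry with a period so the list stays consistent.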
skipping to change at page 14, line 33 skipping to change at page 14, line 33
[RFC-1510] Kohl, J. and C. Neuman, "The Kerberos Network [RFC-1510] Kohl, J. and C. Neuman, "The Kerberos Network
Authentication Service (V5)", RFC 1510, Authentication Service (V5)", RFC 1510,
September 1993. September 1993.
[RFC-1633] Braden, R., Clark, D., Shenker, S., [RFC-1633] Braden, R., Clark, D., Shenker, S.,
"Integrated Services in the Internet "Integrated Services in the Internet
Architecture: An Overview", RFC 1633, Architecture: An Overview", RFC 1633,
June 1994. June 1994.
[RFC-1779] Killie, S., "A String Representation of [RFC-2253] Wahl, M. et al., "UTF-8 String
Distinguished Names", RFC 1779, March 1995. Representation of Distinguished Names",
RFC 2253, December 1997.
[RFC-2205] Braden, R., Zhang, L., Berson, S., Herzog, S. [RFC-2205] Braden, R., Zhang, L., Berson, S., Herzog, S.
and S. Jamin, "Resource ReSerVation Protocol and S. Jamin, "Resource ReSerVation Protocol
(RSVP) - Version 1 Functional Specification", (RSVP) - Version 1 Functional Specification",
RFC 2205, September 1997. RFC 2205, September 1997.
[RFC-2209] Braden, R. and L. Zhang, "Resource ReSerVation [RFC-2209] Braden, R. and L. Zhang, "Resource ReSerVation
Protocol (RSVP) - Version 1 Message Processing Protocol (RSVP) - Version 1 Message Processing
Rules", RFC 2209, September 1997. Rules", RFC 2209, September 1997.
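Review bot: The new [RFC-2253] entry sits in the slot [RFC-1779] occupied, between [RFC-1633] and [RFC-2205], which breaks the numeric order the other RFC-nnnn entries shown here follow. Move it below the entries numbered lower than 2253. "Wahl, M. et al." also abbreviates the author list where the neighbouring entries name every author; listing them in full would match the rest of the section.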
skipping to change at page 15, line 54 skipping to change at page 15, line 54
Ottawa, Canada Ottawa, Canada
EMail: mbroda@nortelnetworks.com EMail: mbroda@nortelnetworks.com
Hugh Shieh Hugh Shieh
AT&T Wireless AT&T Wireless
Redmond, USA Redmond, USA
Email: hugh.shieh@attws.com Email: hugh.shieh@attws.com
12. Full Copyright Statement 12. Full Copyright Statement
Copyright (C) The Internet Society (2001). All Rights Reserved. This Copyright (C) The Internet Society (2002). All Rights Reserved. This
document and translations of it may be copied and furnished to document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph kind, provided that the above copyright notice and this paragraph
are included on all such copies and derivative works. However, this are included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other the copyright notice or references to the Internet Society or other
Internet organisations, except as needed for the purpose of Internet organisations, except as needed for the purpose of
developing Internet standards in which case the procedures for developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be copyrights defined in the Internet Standards process must be
followed, or as required to translate it into. followed, or as required to translate it into.
Expiration Date Expiration Date
This memo is filed as <draft-ietf-rap-rsvp-authsession-01.txt>, and This memo is filed as <draft-ietf-rap-rsvp-authsession-02.txt>, and
expires April 31, 2002. expires August 31, 2002.
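Review bot: The last context line of the Full Copyright Statement, "followed, or as required to translate it into.", ends without an object in both versions, and this revision edits the same paragraph (2001 to 2002) without repairing it. Restore the missing words from the standard Internet Society copyright text while this section is being touched.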
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/