Authentication, Authorization, and Accounting (AAA) Registration Keys for Mobile IPv4
RFC 3957

Network Working Group                                         C. Perkins
Request for Comments: 3957                         Nokia Research Center
Category: Standards Track                                     P. Calhoun
                                                               Airespace
                                                              March 2005

          Authentication, Authorization, and Accounting (AAA)
                   Registration Keys for Mobile IPv4

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   Authentication, Authorization, and Accounting (AAA) servers, such as
   RADIUS and DIAMETER, are in use within the Internet today to provide
   authentication and authorization services for dial-up computers.
   Mobile IP for IPv4 requires strong authentication between the mobile
   node and its home agent.  When the mobile node shares an AAA Security
   Association with its home AAA server, however, it is possible to use
   that AAA Security Association to create derived Mobility Security
   Associations between the mobile node and its home agent, and again
   between the mobile node and the foreign agent currently offering
   connectivity to the mobile node.  This document specifies extensions
   to Mobile IP registration messages that can be used to create
   Mobility Security Associations between the mobile node and its home
   agent, and/or between the mobile node and a foreign agent.

Perkins & Calhoun           Standards Track                     [Page 1]
RFC 3957                AAA Keys for Mobile IPv4              March 2005

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  2
   2.  Terminology. . . . . . . . . . . . . . . . . . . . . . . . . .  4
   3.  Overview of Operations with Key Generation Nonce Extensions. .  5
   4.  Mobility Security Associations . . . . . . . . . . . . . . . .  7
   5.  Key Generation Nonce Creation and Key Derivation . . . . . . .  8
   6.  Key Generation Extensions. . . . . . . . . . . . . . . . . . .  9
       6.1.  Generalized MN-FA Key Generation Nonce Request Extension 10
       6.2.  Generalized MN-FA Key Generation Nonce Reply Extension . 11
       6.3.  Generalized MN-HA Key Generation Nonce Request Extension 13
       6.4.  Generalized MN-HA Key Generation Nonce Reply Extension . 14
   7.  Error Values . . . . . . . . . . . . . . . . . . . . . . . . . 16
   8.  IANA Considerations. . . . . . . . . . . . . . . . . . . . . . 16
   9.  Security Considerations. . . . . . . . . . . . . . . . . . . . 17
   10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 18
   11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 18
       11.1. Normative References . . . . . . . . . . . . . . . . . . 18
       11.2. Informative References . . . . . . . . . . . . . . . . . 19
   Appendices . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
       A. AAA Infrastructure. . . . . . . . . . . . . . . . . . . . . 20
       B. Message Flow for Requesting and Receiving Registration Keys 24
   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 26
   Full Copyright Statement . . . . . . . . . . . . . . . . . . . . . 27

1.  Introduction

   AAA servers, such as RADIUS [11] and DIAMETER [12], are in use within
   the Internet today to provide authentication and authorization
   services for dial-up computers.  Such services are likely to be
   valuable for mobile nodes using Mobile IP for IPv4 [1], when the
   nodes are attempting to connect to foreign domains with AAA servers.
   In this document Mobile IP for IPv4 is called "Mobile IPv4" or just
   "Mobile IP" for short, since no confusion with other versions is
   expected.  Requirements for interactions between AAA and Mobile IP
   are outlined in RFC 2977 [13]; that document describes an
   infrastructure which enables AAA servers to authenticate and
   authorize network access requests from mobile nodes.  See also
   appendix A.  The Mobile IP Registration Request is considered to be a
   request for network access.  It is then possible to augment the
   functionality of the Mobile IP mobility agents so that they can
   translate between Mobile IP registration messages and the messages
   used within the AAA infrastructure, as described in RFC 2977.
   Mobility agents and AAA servers that conform to the requirements of
