
Chargeable User Identity
RFC 4372

Document type: RFC - Proposed Standard (January 2006)
Document stream: IETF
Last updated: 2013-03-02
Other versions: plain text, pdf, html

IETF State: (None)
Consensus: Unknown
Document shepherd: No shepherd assigned

IESG State: RFC 4372 (Proposed Standard)
Responsible AD: David Kessens
Send notices to: dnelson@enterasys.com, aboba@internaut.com, aboba@internaut.com

Network Working Group                                         F. Adrangi
Request for Comments: 4372                                         Intel
Category: Standards Track                                        A. Lior
                                                     Bridgewater Systems
                                                             J. Korhonen
                                                             Teliasonera
                                                             J. Loughney
                                                                   Nokia
                                                            January 2006

                        Chargeable User Identity

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2006).

Abstract

   This document describes a new Remote Authentication Dial-In User
   Service (RADIUS) attribute, Chargeable-User-Identity.  This attribute
   can be used by a home network to identify a user for the purpose of
   roaming transactions that occur outside of the home network.

Table of Contents

   1. Introduction ....................................................2
      1.1. Motivation .................................................3
      1.2. Terminology ................................................4
   2. Operation .......................................................5
      2.1. Chargeable-User-Identity (CUI) Attribute ...................5
      2.2. CUI Attribute ..............................................6
   3. Attribute Table .................................................7
   4. Diameter Consideration ..........................................7
   5. IANA Considerations .............................................7
   6. Security Considerations .........................................7
   7. Acknowledgements ................................................8
   8. References ......................................................8
      8.1. Normative References .......................................8
      8.2. Informative References .....................................8

Adrangi, et al.             Standards Track                     [Page 1]
RFC 4372                Chargeable User Identity            January 2006

1.  Introduction

   Some authentication methods, including EAP-PEAP, EAP-TTLS, EAP-SIM
   and EAP-AKA, can hide the true identity of the user from RADIUS
   servers outside of the user's home network.  In these methods, the
   User-Name(1) attribute contains an anonymous identity (e.g.,
   @example.com) sufficient to route the RADIUS packets to the home
   network but otherwise insufficient to identify the user.  While this
   mechanism is good practice in some circumstances, there are problems
   if local and intermediate networks require a surrogate identity to
   bind the current session.

   This document introduces an attribute that serves as an alias or
   handle (hereafter, it is called Chargeable-User-Identity) to the real
   user's identity.  Chargeable-User-Identity can be used outside the
   home network in scenarios that traditionally relied on User-Name(1)
   to correlate a session to a user.

   For example, local or intermediate networks may limit the number of
   simultaneous sessions for specific users; they may require a
   Chargeable-User-Identity in order to demonstrate willingness to pay
   or otherwise limit the potential for fraud.

   This implies that a unique identity provided by the home network
   should be able to be conveyed to all parties involved in the roaming
   transaction for correlating the authentication and accounting
   packets.

   Providing a unique identity, Chargeable-User-Identity (CUI), to
   intermediaries, is necessary to fulfill certain business needs.  This
   should not undermine the anonymity of the user.  The mechanism
   provided by this document allows the home operator to meet these
   business requirements by providing a temporary identity representing
   the user and at the same time protecting the anonymity of the user.

   When the home network assigns a value to the CUI, it asserts that
   this value represents a user in the home network.  The assertion
   should be temporary -- long enough to be useful for the external
   applications and not too long such that it can be used to identify
   the user.

   Several organizations, including WISPr, GSMA, 3GPP, Wi-Fi Alliance,
   and IRAP, have been studying mechanisms to provide roaming services,
