Port Control Protocol (PCP) Authentication Mechanism
draft-ietf-pcp-authentication-01
| Document | Type | Expired Internet-Draft (pcp WG) | |
|---|---|---|---|
| Authors | Margaret Cullen , Sam Hartman , Dacheng Zhang | ||
| Last updated | 2013-04-22 (Latest revision 2012-10-19) | ||
| Stream | Internet Engineering Task Force (IETF) | ||
| Formats |
Expired & archived
plain text
xml
htmlized
pdfized
bibtex
|
||
| Reviews |
GENART Telechat review
(of
-13)
On the Right Track
OPSDIR Last Call review
(of
-11)
Has Nits
GENART Last Call review
(of
-11)
Ready with Issues
|
||
| Stream | WG state | WG Document | |
| Document shepherd | (None) | ||
| IESG | IESG state | Expired | |
| Consensus boilerplate | Unknown | ||
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
https://www.ietf.org/archive/id/draft-ietf-pcp-authentication-01.txt
Abstract
An IPv4 or IPv6 host can use the Port Control Protocol (PCP) to flexibly manage the IP address and port mapping information on Network Address Translators (NATs) or firewalls, to facilitate communications with remote hosts. However, the un-controlled generation or deletion of IP address mappings on such network devices may cause security risks and should be avoided. In some cases the client may need to prove that it is authorized to modify, create or delete PCP mappings. This document proposes an in-band authentication mechanism for PCP that can be used in those cases. The Extensible Authentication Protocol (EAP) is used to perform authentication between PCP devices.
Authors
Margaret Cullen
Sam Hartman
Dacheng Zhang
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)