@techreport{ietf-roamops-roamsec-02,
    number =    {draft-ietf-roamops-roamsec-02},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-ietf-roamops-roamsec/02/},
    author =    {Dr. Bernard D. Aboba and Pat R. Calhoun},
    title =     {{End-to-End Security in Roaming}},
    pagetotal = 10,
    year =      1998,
    month =     jul,
    day =       24,
    abstract =  {As noted in Roaming Requirements, there is a need for end-to-end secu- rity in roaming, including end-to-end integrity protection, and confi- dentiality. In roaming implementations based on proxy chaining, pack- ets are routed between the NAS and home server through a series of proxies. Current roaming implementations provide only hop-by-hop security, guarding only against modification of packets in transit between hops. This makes it possible for untrusted proxies to modify packets sent between a NAS and a home server without detection, as well as to decrypt PAP passwords, Tunnel passwords, and other hidden attributes which are available to it in cleartext. This document provides a framework for end-to-end security in roaming, making it possible to provide end-to-end message integrity and attribute hiding through addition of three new attributes.},
}