Skip to main content

Requirements Language
draft-liu-intarea-ps-protocol-auth-00

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Vic Liu , Yinzhi Cao , Dapeng Liu , Minpeng Qi , Qiong Sun
Last updated 2017-11-21 (Latest revision 2017-05-20)
RFC stream (None)
Intended RFC status (None)
Formats
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

Abstract

Transport and application layer protocol provides end-to-end connectivity for clients and servers, but conveys limited or even no information to a middlebox, such as Policy and Charging Control (PCC) system, between the client and server. However, PCC needs to authenticate the client-server traffic so that it can perform the basic functionality, i.e., charging the client. Due to lack of traffic authentication capability in transport and application layer protocol, state-of-the-art PCC adopts Deep Packet Inspection (DPI) to understand client-server communication and decide whether to charge a client. However, in this draft, we show that current transport layer protocol(TCP) and application layer(HTTP, TLS) protocol cannot meet the need of traffic authentication, i.e., the user can modify the packet and by pass the ISP PCC to have free ride. Due to the existence of the aforementioned free-riding attacks, we believe that Transport and application layer protocol needs to provide traffic authentication capability to a middlebox. In this draft, we describe free-riding attacks and present requirements for providing traffic authentication.

Authors

Vic Liu
Yinzhi Cao
Dapeng Liu
Minpeng Qi
Qiong Sun

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)