Requirements Language
draft-liu-intarea-ps-protocol-auth-00

Document Type Expired Internet-Draft (individual)
Last updated 2017-11-21 (latest revision 2017-05-20)
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
plain text pdf html bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-liu-intarea-ps-protocol-auth-00.txt

Abstract

Transport and application layer protocol provides end-to-end connectivity for clients and servers, but conveys limited or even no information to a middlebox, such as Policy and Charging Control (PCC) system, between the client and server. However, PCC needs to authenticate the client-server traffic so that it can perform the basic functionality, i.e., charging the client. Due to lack of traffic authentication capability in transport and application layer protocol, state-of-the-art PCC adopts Deep Packet Inspection (DPI) to understand client-server communication and decide whether to charge a client. However, in this draft, we show that current transport layer protocol(TCP) and application layer(HTTP, TLS) protocol cannot meet the need of traffic authentication, i.e., the user can modify the packet and by pass the ISP PCC to have free ride. Due to the existence of the aforementioned free-riding attacks, we believe that Transport and application layer protocol needs to provide traffic authentication capability to a middlebox. In this draft, we describe free-riding attacks and present requirements for providing traffic authentication.

Authors

Vic Liu (liu.cmri@gmail.com)
Yinzhi Cao (yinzhi.cao@lehigh.edu)
Dapeng Liu (maxpassion@gmail.com)
Minpeng Qi (loopypuzzle@hotmail.com)
Qiong Sun (sunqiong@ctbri.com.cn)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)