A Network Service Identifier for separation of Mobile IPv6 service authorization from Mobile node authentication
draft-nakhjiri-dime-mip6-nsi-00
Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Authors | Madjid Nakhjiri , Changsheng Wan | ||
Last updated | 2007-01-19 | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Expired | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
Dime working group is designing a procedure for bootstrapping Mobile IPv6 using Diameter. In order to reduce the complexity of Diameter Mobile IPv6 application, the process of Mobile IPv6 service authorization is being separated from the initial mobile node authentication. This This allows for outsourcing the authentication process to another application such as Diameter EAP[RFC4072] . The process can have security considerations, if the authorizing server does not have a clear assurance that the MN has actually been authenticated before, especially if the authorizing server is different from the authenticating server. In this document we provide a procedure and number of extensions to Mobile IPv6 and Diameter signaling to address those considerations. Specifically a new Network Service Identifier (NSI) is defined to assist the interaction between the authorizing and authenticating procedures and servers.
Authors
Madjid Nakhjiri
Changsheng Wan
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)