Mobile IP Working Group                               Charles E. Perkins
INTERNET DRAFT                                     Nokia Research Center
2 March 2001                                              Pat R. Calhoun
                                           Sun Microsystems Laboratories

         Generalized Key Distribution Extensions for Mobile IP
                 draft-perkins-mobileip-gen-key-03.txt


Status of This Memo

   This document is a submission by the mobile-ip Working Group of the
   Internet Engineering Task Force (IETF).  Comments should be submitted
   to the MOBILE-IP@STANDARDS.NORTELNETWORKS.COM mailing list.

   Distribution of this memo is unlimited.

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.  Internet-Drafts are working
   documents of the Internet Engineering Task Force (IETF), its areas,
   and its working groups.  Note that other groups may also distribute
   working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at
   any time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at:
        http://www.ietf.org/ietf/1id-abstracts.txt
   The list of Internet-Draft Shadow Directories can be accessed at:
        http://www.ietf.org/shadow.html.


Abstract

   Recent proposals have suggested several kinds of key extensions for
   Mobile IP registration messages.  These keys may be used between
   the mobile node and mobility agents, or between the mobility agents
   themselves.  This document specifies generalized extension formats
   that can be useful for several kinds of key distributions.  Each
   generalized extension format will have subtypes which indicate the
   specific format for the key distribution data.

Perkins, Calhoun            Expires 2 September 2001            [Page i]


Internet Draft          Generalized Key Extensions          2 March 2001


1. Introduction

   Recent proposals [5, 1, 6] have suggested several kinds of key
   extensions for Mobile IP [4] registration messages.  These keys may
   be used between the mobile node and mobility agents, or between the
   mobility agents themselves.  This document specifies generalized
   extension formats that can be useful for several kinds of key
   distributions.  Each generalized extension format will have subtypes
   which indicate the specific format for the key distribution data.
   Each generalized format conforms to the overall format suggested for
   generalized Mobile IP extensions recently described for MIER [2].

   Different generalized extensions are defined depending upon the
   following factors:

    -  The intended use of the key

    -  Whether the extension requests a key or supplies a key


2. Generalized MN-FA Key Request Extension

   Figure 1 illustrates the Generalized MN-FA Key Request Extension.


       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |     Type      |    Subtype    |            Length             |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                       Mobile Node SPI                         |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                MN-FA Key Request Subtype Data ...
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


    Figure 1: The Generalized Mobile IP MN-FA Key Request Extension


      Type                  40 (not skippable) (see [4])

      Subtype               a number assigned to identify the way in
                            which the Key Request Data is to be used
                            when generating the registration key

      Length                4 plus the number of bytes in the Subtype
                            Data; SHOULD be at least 20.

      Mobile Node SPI       The Security Parameters Index that the
                            mobile node will assign for the security
                            association created for use with the
                            registration key.

      MN-FA Key Request Subtype Data
                            Data needed to carry out the creation of the
                            registration key on behalf of the mobile
                            node.

   The Generalized MN-FA Key Request Extension defines a set of
   extensions, identified by subtype, which may be used by a mobile node
   in a Mobile IP Registration Request message to request that some
   other entity create a key for use by the mobile node with the mobile
   node's new foreign agent.


3. Generalized MN-FA Key Reply Extension

   The Generalized MN-FA Key Reply extension supplies a registration key
   requested by using one of the subtypes of the Generalized MN-FA Key
   Request extension.  Figure 2 illustrates the format of the Generalized
   MN-FA Key Reply Extension.


       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |     Type      |    Subtype    |            Length             |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                    Key Reply Subtype Data ...
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


     Figure 2: The Generalized Mobile IP MN-FA Key Reply Extension


      Type            41 (not skippable) (see [4])

      Subtype         a number assigned to identify the way in which
                      the Encoded MN-FA Key Data is to be decrypted to
                      obtain the registration key

      Length          The 16-bit Length field indicates the length of
                      the extension.  It is equal to 4 plus the number
                      of bytes in the Encoded MN-FA Key Data.

      MN-FA Key Reply Subtype Data
                      An encoded copy of the key to be used between the
                      mobile node and the foreign agent, along with
                      any other information needed by the recipient
                      to create the designated Mobility Security
                      Association.

   For each subtype, the format of the MN-FA Key Reply Subtype Data has
   to be separately defined according to the particular method required
   to set up the security association.

   In some cases, the MN-FA Key supplied in the data for a subtype of
   this extension is sent in response to a request that was made using a
   subtype of the Generalized MN-FA Key Request Extension.  In that case,
   the SPI to be used when employing the security association defined by
   the registration key is the same as the one given in the original
   request.


4. Generalized MN-HA Key Request Extension

   Figure 3 illustrates the Generalized MN-HA Key Request Extension.


       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |     Type      |    Subtype    |            Length             |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                       Mobile Node SPI                         |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                MN-HA Key Request Subtype Data ...
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


    Figure 3: The Generalized Mobile IP MN-HA Key Request Extension


      Type                  42 (not skippable) (see [4])

      Subtype               a number assigned to identify the way in
                            which the Key Request Data is to be used
                            when generating the registration key

      Length                4 plus the number of bytes in the Subtype
                            Data; SHOULD be at least 20.

      Mobile Node SPI       The Security Parameters Index that the
                            mobile node will assign for the security
                            association created for use with the
                            registration key.

      MN-HA Key Request Subtype Data
                            Data needed to carry out the creation of the
                            registration key on behalf of the mobile
                            node.

   The Generalized MN-HA Key Request Extension defines a set of
   extensions, identified by subtype, which may be used by a mobile node
   in a Mobile IP Registration Request message to request that some
   other entity create a key for use by the mobile node with the mobile
   node's new home agent.


5. Generalized MN-HA Key Reply Extension


       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |     Type      |    Subtype    |            Length             |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                            Lifetime                           |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                   MN-HA Key Reply Subtype Data ...
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


     Figure 4: The Generalized Mobile IP MN-HA Key Reply Extension


      Type            43 (not skippable) (see [4])

      Subtype         a number assigned to identify the way in which
                      the Encoded MN-HA Key Data is to be decrypted to
                      obtain the registration key

      Length          The 16-bit Length field indicates the length of
                      the extension.  It is equal to 4 plus the number
                      of bytes in the Encoded MN-HA Key Data.

      Lifetime        This field indicates the duration of time (in
                      seconds) for which the MN-HA key is valid.

      MN-HA Key Reply Subtype Data
                      An encrypted copy of the key to be used between
                      the mobile node and its home agent, along with
                      any other information needed by the mobile
                      node to create the designated Mobility Security
                      Association with the home agent.

   For each subtype, the format of the MN-HA Key Reply Subtype Data has
   to be separately defined according to the particular method required
   to set up the security association.


6. Generalized FA-HA Key Reply Extension


       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |     Type      |    Subtype    |            Length             |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                            Lifetime                           |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                   FA-HA Key Reply Subtype Data ...
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


     Figure 5: The Generalized Mobile IP FA-HA Key Reply Extension


      Type            45 (not skippable) (see [4])

      Subtype         a number assigned to identify the way in which
                      the Encoded FA-HA Key Data is to be decrypted to
                      obtain the registration key

      Length          The 16-bit Length field indicates the length of
                      the extension.  It is equal to 4 plus the number
                      of bytes in the Encoded FA-HA Key Data.

      Lifetime        This field indicates the duration of time (in
                      seconds) for which the FA-HA key is valid.

      FA-HA Key Reply Subtype Data
                      An encrypted copy of the key to be used between
                      the foreign agent and the mobile node's home
                      agent, along with any other information needed
                      by the foreign agent to create the designated
                      Mobility Security Association with that home
                      agent.

   For each subtype, the format of the FA-HA Key Reply Subtype Data has
   to be separately defined according to the particular method required
   to set up the security association.


7. Generalized FA-FA Key Reply Extension


       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |     Type      |    Subtype    |            Length             |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                          FA-FA  SPI                           |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                   FA-FA Key Reply Subtype Data ...
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


     Figure 6: The Generalized Mobile IP FA-FA Key Reply Extension



      Type            46 (not skippable) (see [4])

      Subtype         a number assigned to identify the way in which
                      the Encoded FA-FA Key Data is to be decrypted to
                      obtain the registration key

      Length          The 16-bit Length field indicates the length of
                      the extension.  It is equal to 4 plus the number
                      of bytes in the Encoded FA-FA Key Data.

      FA-FA SPI       This field indicates the SPI that should be used
                      to decipher the FA-FA key.

      FA-FA Key Reply Subtype Data
                      An encrypted copy of the key to be used between
                      the foreign agent and the other foreign agent,
                      along with any other information needed by the
                      receiving foreign agent to create the designated
                      Mobility Security Association with that other
                      foreign agent.

   For each subtype, the format of the FA-FA Key Reply Subtype Data has
   to be separately defined according to the particular method required
   to set up the security association.
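As an added example (not part of the draft or of any Mobile IP implementation), the following Python encoder and parser handle the six generalized key extensions of sections 2 through 7. It assumes that Length counts every byte after the Length field, which matches "4 plus the Subtype Data" for each type carrying a 32-bit SPI or Lifetime word; for type 41, which carries no such word, the example assumes Length equals the number of Subtype Data bytes. The sample extensions, SPI and lifetime values are constructed.

```python
import struct
from dataclasses import dataclass
from typing import Optional

# Extension type numbers from sections 2-7 of the draft.
MN_FA_KEY_REQUEST, MN_FA_KEY_REPLY = 40, 41
MN_HA_KEY_REQUEST, MN_HA_KEY_REPLY = 42, 43
FA_HA_KEY_REPLY, FA_FA_KEY_REPLY = 45, 46
# The 32-bit word between Length and Subtype Data, by type.  Type 41
# (MN-FA Key Reply) has none: its SPI comes from the matching request.
FIXED_WORD = {40: "mn_spi", 42: "mn_spi", 43: "lifetime",
              45: "lifetime", 46: "fa_fa_spi"}
REQUEST_MIN_LENGTH = 20  # "SHOULD be at least 20" for types 40 and 42

@dataclass
class KeyExt:
    ext_type: int
    subtype: int
    word: Optional[int]      # Mobile Node SPI, FA-FA SPI or Lifetime
    subtype_data: bytes
    warnings: tuple = ()

def encode_key_ext(ext_type, subtype, subtype_data, word=None):
    """Serialize Type(1) Subtype(1) Length(2) [word(4)] Subtype Data.
    Assumption: Length counts every byte after the Length field, i.e.
    4 plus the Subtype Data whenever a SPI/Lifetime word is present."""
    if (word is None) != (ext_type not in FIXED_WORD):
        raise ValueError("32-bit word mismatch for type %d" % ext_type)
    body = (struct.pack("!I", word) if word is not None else b"") + subtype_data
    return struct.pack("!BBH", ext_type, subtype, len(body)) + body

def parse_key_ext(buf):
    """Parse one extension from the front of buf; return (KeyExt, rest).
    Never trusts Length blindly: rejects one that overruns the buffer,
    and warns when a Key Request is below the recommended minimum."""
    if len(buf) < 4:
        raise ValueError("truncated extension header")
    ext_type, subtype, length = struct.unpack("!BBH", buf[:4])
    if ext_type not in (40, 41, 42, 43, 45, 46):
        raise ValueError("not a generalized key extension: %d" % ext_type)
    body, rest = buf[4:4 + length], buf[4 + length:]
    if len(body) != length:
        raise ValueError("Length %d overruns the buffer" % length)
    word, warnings = None, []
    if ext_type in FIXED_WORD:
        if length < 4:
            raise ValueError("missing %s word" % FIXED_WORD[ext_type])
        word, body = struct.unpack("!I", body[:4])[0], body[4:]
    if ext_type in (MN_FA_KEY_REQUEST, MN_HA_KEY_REQUEST) and length < REQUEST_MIN_LENGTH:
        warnings.append("Key Request Length %d below %d" % (length, REQUEST_MIN_LENGTH))
    return KeyExt(ext_type, subtype, word, body, tuple(warnings)), rest

def demo():
    """Constructed sample: an MN-FA Key Request (SPI 0x1234, 16 data bytes)
    followed by an MN-HA Key Reply valid for 60 seconds, parsed back out."""
    wire = (encode_key_ext(MN_FA_KEY_REQUEST, 1, bytes(range(16)), word=0x1234)
            + encode_key_ext(MN_HA_KEY_REPLY, 1, b"\xaa" * 24, word=60))
    first, rest = parse_key_ext(wire)
    second, rest = parse_key_ext(rest)
    return first, second, rest
```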


8. IANA Considerations

   Each generalized extension specified in this document is to be
   numbered from the space of Mobile IP registration extension numbers
   defined in RFC 2002 [4] as extended in RFC 2356 [3].  The numbers 40,
   41, 42, 43, 45 and 46 chosen in the text are currently unassigned.

   A subtype address space must be created for each generalized
   extension defined in this document.  From this space, subtype values
   will be assigned according to standards approved principally by the
   mobile-ip working group, but other working groups may also submit
   requests to assign subtype numbers for Mobile IP extensions.


9. Security Considerations

   The extensions in this document are intended to provide the
   appropriate level of security for Mobile IP entities (mobile node,
   foreign agent, and home agent) to operate the Mobile IP registration
   protocol.  The security associations resulting from use of these
   extensions do not offer any higher level of security than what is
   already implicit in the use of the security association between the
   receiver and the entity distributing the key.


References

   [1] P. Calhoun, Haseeb Akhtar, Emad Qaddoura, and N. Asokan.  Minimal
       Latency Secure Hand-off.
       draft-calhoun-mobileip-min-lat-handoff-01.txt, February 2000.
       (work in progress).

   [2] M. Khalil, R. Narayanan, H. Akhtar, and E. Qaddoura.  Mobile IP
       Extensions Rationalization (MIER).  Internet Draft, Internet
       Engineering Task Force.
       draft-ietf-mobileip-mier-03.txt, February 2000.  Work in
       progress.

   [3] G. Montenegro and V. Gupta.  Sun's SKIP Firewall Traversal for
       Mobile IP.  Request for Comments (Informational) 2356, Internet
       Engineering Task Force, June 1998.

   [4] C. Perkins.  IP Mobility Support.  Request for Comments (Proposed
       Standard) 2002, Internet Engineering Task Force, October 1996.

   [5] C. E. Perkins and P. Calhoun.  AAA Registration Keys for Mobile
       IP.
       draft-ietf-mobileip-aaa-key-01.txt, January 2000.  (work in
       progress).

   [6] C. E. Perkins and D. Johnson.  Registration Keys for Route
       Optimization.
       draft-ietf-mobileip-regkey-01.txt, February 2000.  (work in
       progress).


Addresses

   The working group can be contacted via the current chairs:

        Basavaraj Patil               Phil Roberts
        Nokia Corporation             Motorola
        6000 Connection Drive         1501 West Shure Drive
        M/S M8-540
        Irving, TX 75039              Arlington Heights, IL 60004
        USA                           USA
        Phone:  +1 972-894-6709       Phone:  +1 847-632-3148
        Fax :  +1 972-894-5349
        EMail:  Raj.Patil@nokia.com   EMail:  QA3445@email.mot.com

   Questions about this memo can also be directed to the authors:

        Charles E. Perkins                Pat R. Calhoun
        Communications Systems Lab        Network & Security Center
        Nokia Research Center             Sun Microsystems Laboratories
        313 Fairchild Drive               15 Network Circle
        Mountain View, California 94043   Menlo Park, California 94025
        USA                               USA
        Phone:  +1-650 625-2986           Phone:  +1 650-786-7733
        EMail:  charliep@iprg.nokia.com   EMail:  pcalhoun@eng.sun.com
        Fax:  +1 650 625-2502             Fax:  +1 650-786-6445
