Networking Working Group                                         Q.Wu
Internet Draft                                                 Huawei
Intended status: Standard Track                          May 20, 2009
Expires: November 2009



      Diameter support for local key transport protocol between local
                        server and home AAA server
                    draft-wu-dime-local-keytran-00.txt


Status of this Memo

    This Internet-Draft is submitted to IETF in full conformance with
    the provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

   This Internet-Draft will expire on November 20, 2009.

Copyright Notice

   Copyright (c) 2009 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents in effect on the date of
   publication of this document (http://trustee.ietf.org/license-info).
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.






Wu                   Expires November 20, 2009               [Page 1]


Internet-Draft    Diameter support for Local key transport     May 2009


Abstract

   In [RFC5296], the USRK is provided by the Home EAP server to the local
   domain server and used to derive a re-authentication Root Key. This
   document specifies the transport of the DSRK using the Diameter EAP
   Application.

Table of Contents


   1. Introduction.................................................2
   2. Terminologies and Conventions................................3
   3. Diameter Support for Local Key transport.....................3
      3.1. Protocol Overview.......................................3
      3.2. Example of local key transport..........................4
      3.3. Example of re-auth key transport........................5
   4. Command Codes................................................6
   5. Attribute Value Pair Definitions.............................6
      5.1. EAP-Local-Domain Name AVP...............................6
      5.2. EAP-DSRK AVP............................................6
      5.3. EAP-DSRK-Name AVP.......................................6
      5.4. EAP-DSRK-Lifetime AVP...................................6
      5.5. EAP-rMSK AVP............................................6
      5.6. EAP-rMSK-Name AVP.......................................7
      5.7. EAP-rMSK-Lifetime AVP...................................7
   6. AVP Occurrence Table.........................................7
   7. Security Considerations......................................7
   8. IANA Considerations..........................................7
   9. References...................................................8
      9.1. Normative References....................................8
      9.2. Informative References..................................8
   10. Acknowledgments.............................................8

1. Introduction

   [RFC5296] defines the EAP Re-authentication Protocol (ERP) to allow
   faster re-authentication of a previously authenticated peer. [RFC4187]
   describes one fast re-authentication mechanism that makes the EAP-AKA
   procedure faster and reduces the load on the authentication center.
   Both mechanisms are based on the keys derived during the preceding
   full authentication. Thus the local AAA server in the domain visited
   by the peer need not communicate with the home AAA server in the home
   domain.

   A Domain Specific Root Key (DSRK) derived from the EMSK, as defined
   in [RFC5295], can be used for bootstrapping the security of a set of
   services within a domain. Also, as described in [RFC5296], the USRK is
   provided by the Home EAP server to the local domain server.
   Furthermore, a re-authentication Root Key may be derived from a
   Domain Specific Root Key (DSRK); for that purpose, this document
   specifies the transport of the DSRK using the Diameter EAP
   Application.



2. Terminologies and Conventions

   In examples, "C:" and "S:" indicate lines sent by the client and
   server respectively.

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC-2119.

3. Diameter Support for Local Key transport

3.1. Protocol Overview

Before the local AAA server requests a DSRK from the home Diameter server,
we assume the peer knows the domain name of the local domain. A local AAA
server, collocated with a Diameter proxy in the domain visited by the
peer, may request a DSRK from the home Diameter server by sending the
domain name in the initial full EAP exchange. This is done by including
the EAP-DSRK-Domain Name AVP in the Diameter EAP Request (DER) message.
The EAP-DSRK-Domain Name AVP contains the domain or server identity
required to derive the DSRK.

In the successful case, the DSRK is carried by the EAP-DSRK AVP in the
Diameter EAP Answer (DEA) message. Along with the EAP-DSRK AVP, an
EAP-DSRK-Name AVP MUST be used to send the DSRK's key name and an
EAP-DSRK-Lifetime AVP MUST be used to send the DSRK's lifetime.



3.2. Example of local key transport


                              +--------------+         +--------------+
    +----+    +------+        |  Proxy AAA   |         | Home Diameter|
    |Peer|    | NAS  |        |(Local Server)|         |  Server      |
    +--+-+    +---+--+        +------|-------+         +----+---------+
    EAP REQ/Identity                 |                      |
       |<---------|                  |                      |
    EAP RSP/Identity                 |                      |
       |--------->                   |                      |
       |     DER([Local Domain Name])|                      |
       |          |----------------->|DER(local Domain Name)|
       |          |                  |--------------------->|
       |          |                  |                      |
       |          |                  |                      |
       |          |                  |                      |
       |          |                DEA(DSRK,USRK-Name, Diameter Success)
       |        DEA(Diameter Success)|<-------------------- |
       EAP Success|<-----------------|                      |
       |<---------|                  |                      |
       |          |                  |                      |
       |          |                  |                      |
       |          |                  |
            Figure 1: Example of local key transport

Assume the peer already knows the domain name associated with the local
domain server; how the domain name is discovered by the peer is beyond
the scope of this document. First, the peer sends an EAP RSP/Identity
message containing the domain name or domain identity to the home
Diameter server to trigger the USRK request. The EAP RSP/Identity message
is encapsulated in an EAP-Local-Domain-Name AVP of a Diameter EAP Request
(DER) message by the NAS and sent to the Diameter server. Intermediate
Proxy AAAs may perform routing and forwarding functions.

The Diameter server processes the EAP RSP/Identity message in accordance
with [RFC4072] and responds with an EAP Success message with the DSRK
included. The Diameter server must encapsulate the EAP Success in the
EAP-DSRK AVP of a Diameter EAP Answer (DEA) message.



3.3. Example of re-auth key transport

(Editor's Note: it is not clear whether the re-auth key transport
should be incorporated into the ongoing draft-ietf-dime-erp-00.)

      +------+           +------+                +--------+
      | Peer |           | NAS  |                |Local ER|
      +--+---+           +--+---+                +---+----+
         |                  |                        |
    EAP-Initiate/Re-auth([Local Domain               |
         |----------------->|                        |
      Name Req],Keyname-NAI)|                        |
         |                  DER(Re-auth,[Local Domain Name Req]
         |                  |----------------------->|
         |                  |      ,Keyname-NAI)     |
         |                  |                     +----+
         |                  |                     |DSRK|
         |                  |                     +--+-+
         |                  |               +--------+----------+
         |                  |               |Derive rRK,rIK,rMSK|
         |                  |               +-------------------+
         |                  | DEA(Local Domain name, |
         |                  |<-----------------------|
         |                +----+rMSK,Diameter Finish |
         |                |rMSK|                     |
         |                +----+                     |
      EAP-Finish(Local Domain Name)                  |
         |<-----------------|                        |
    +------------+          |                        |
    |Derive DSRK |          |                        |
    |rRK,rIK,rMSK|          |                        |
    +----+-------+          |
         |
                Figure 2: Re-auth Key transport

If the peer does not know the local domain name, an ERP exchange can be
run to help the peer obtain it. The peer requests the local domain name
from the local ER by sending an EAP-Initiate/Re-auth message. The message
includes a local domain name request, which indicates that the local
domain name is to be queried from the local server or the home ER server.
The local ER server receives the DSRK using the local key transport
mechanism described in Section 3.2 and derives the rRK, rIK and rMSK
using the DSRK as input, then forwards the Diameter EAP Finish to the
NAS; the local domain name and the rMSK are sent along with the EAP
Success in the DEA message. The NAS receives the rMSK and forwards the
EAP-Finish to the peer with the local domain name included. The peer
extracts the local domain name from the EAP-Finish message and derives
the DSRK, rRK, rIK and rMSK.
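The derivation chain of Figure 2 (DSRK from the EMSK and the local domain name, then rRK, rIK and rMSK from the DSRK), as an added Python example that is not part of this draft. It implements the PRF+/HMAC-SHA-256 KDF of RFC 5295 and shows that the local ER, which receives the DSRK in the DEA, and the peer, which derives the DSRK itself once EAP-Finish delivers the local domain name, arrive at the same rIK and rMSK, and that a different domain name yields a different DSRK. The key labels, the one-octet cryptosuite input and the two-octet sequence number input are written here as I recall them from RFC 5295 and RFC 5296 and are assumptions to be checked against those RFCs; the EMSK value is constructed.

```python
"""DSRK, rRK, rIK and rMSK derivation as run by the local ER and the peer (added example)."""
import hashlib
import hmac

KEY_LEN = 64   # DSRK, rRK, rIK and rMSK are 64 octets in RFC 5295 / RFC 5296

# Labels and input encodings as I recall them from RFC 5295 (DSRK) and RFC 5296 (rRK, rIK,
# rMSK); ASSUMPTION, check against the RFCs before relying on them for interoperability.
DSRK_LABEL = b"dsrk@ietf.org"
RRK_LABEL = b"EAP Re-authentication Root Key@ietf.org"
RIK_LABEL = b"Re-authentication Integrity Key@ietf.org"
RMSK_LABEL = b"Re-authentication Master Session Key@ietf.org"


def prf_plus(key, seed, length):
    """PRF+ of RFC 5295 with HMAC-SHA-256: T1 = PRF(K, S|0x01), Tn = PRF(K, T(n-1)|S|n)."""
    out, prev, n = b"", b"", 1
    while len(out) < length:
        prev = hmac.new(key, prev + seed + bytes([n]), hashlib.sha256).digest()
        out += prev
        n += 1
    return out[:length]


def kdf(key, label, optional_data=b"", length=KEY_LEN):
    """KDF(K, label | "\\0" | optional data | length), length as a 2-octet big-endian value."""
    seed = label + b"\x00" + optional_data + length.to_bytes(2, "big")
    return prf_plus(key, seed, length)


def derive_dsrk(emsk, domain):
    """Home server (and, later, the peer): DSRK bound to the local domain name."""
    return kdf(emsk, DSRK_LABEL, domain.encode())


def derive_rrk(dsrk):
    """Re-authentication Root Key derived from the DSRK."""
    return kdf(dsrk, RRK_LABEL)


def derive_rik(rrk, cryptosuite):
    return kdf(rrk, RIK_LABEL, bytes([cryptosuite]))       # one-octet cryptosuite (assumed)


def derive_rmsk(rrk, seq):
    return kdf(rrk, RMSK_LABEL, seq.to_bytes(2, "big"))     # two-octet sequence number (assumed)


def local_er_keys(dsrk, cryptosuite, seq):
    """What the local ER derives from the DSRK it received in the DEA (Figure 2)."""
    rrk = derive_rrk(dsrk)
    return {"rRK": rrk, "rIK": derive_rik(rrk, cryptosuite), "rMSK": derive_rmsk(rrk, seq)}


def peer_keys(emsk, domain, cryptosuite, seq):
    """What the peer derives once EAP-Finish has told it the local domain name."""
    dsrk = derive_dsrk(emsk, domain)
    return {"DSRK": dsrk, **local_er_keys(dsrk, cryptosuite, seq)}


if __name__ == "__main__":
    emsk = hashlib.sha512(b"constructed EMSK, not a real session key").digest()  # 64 octets
    dsrk_from_home = derive_dsrk(emsk, "visited.example")      # carried in the EAP-DSRK AVP
    er = local_er_keys(dsrk_from_home, cryptosuite=1, seq=0)
    peer = peer_keys(emsk, "visited.example", cryptosuite=1, seq=0)
    print("rMSK agree:", er["rMSK"] == peer["rMSK"], er["rMSK"].hex()[:32], "...")
```

The point the figure makes is that the DSRK is the only key that crosses the Diameter path; everything below it is recomputed independently on both sides, so a mismatch in the domain name carried in EAP-Finish shows up as a DSRK (and hence rMSK) mismatch rather than as a transport error.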




(Editor's Note: it is not clear whether we extend DER/DEA or define new
Command Codes to accommodate the two new EAP codes, i.e., EAP
Initiate/Finish.)

4. Command Codes

This document re-uses the EAP application commands [RFC4072] and does
not define new command codes.

5. Attribute Value Pair Definitions

This section defines new AVPs for the ERP support within Diameter EAP
Application.

5.1. EAP-Local-Domain Name AVP

The EAP-DSRK-Domain Name AVP is of type OctetString. This AVP contains
the domain name associated with the local domain server to which the
DSRK is transported.

5.2. EAP-DSRK AVP

The EAP-DSRK AVP (AVP Code TBD) is of type OctetString.  This AVP
contains keying material to be used by the visited domain (i.e. the
DSRK).  Exactly how this keying material is derived and utilized is
beyond the scope of this document.

5.3. EAP-DSRK-Name AVP

The EAP-DSRK-Name AVP (AVP Code TBD) is of type OctetString.  This AVP
contains the EMSKname as a default name, or the USRKname, which uniquely
identifies the keying material.  How this name is derived is beyond the
scope of this document and is defined in [RFC5295].

5.4. EAP-DSRK-Lifetime AVP

The EAP-DSRK-Lifetime AVP (AVP Code TBD) is of type Unsigned64 and
contains the DSRK lifetime in seconds.

5.5. EAP-rMSK AVP

The EAP-rMSK AVP (AVP Code TBD) is of type OctetString.  This AVP
contains keying material to be used by the peer and the authenticator in
the visited domain.  Exactly how this keying material is derived and
utilized is beyond the scope of this document.






5.6. EAP-rMSK-Name AVP

The EAP-rMSK-Name AVP (AVP Code TBD) is of type OctetString.  This AVP
contains the EMSKname as a default name, or the rMSKname, which uniquely
identifies the keying material.  How this name is derived is beyond the
scope of this document and is defined in [RFC5295].

5.7. EAP-rMSK-Lifetime AVP

The EAP-rMSK-Lifetime AVP (AVP Code TBD) is of type Unsigned64 and
contains the rMSK lifetime in seconds.



6. AVP Occurrence Table

The following table lists the AVPs that may optionally be present in
the DER and DEA commands [RFC4072].

                                 +---------------+
                                 |  Command-Code |
                                 +-+-----+-----+-+
    Attribute Name                 | DER | DEA |
    -------------------------------|-----+-----+
    EAP-Local-Domain-Name          |  1  | 0-1 |
    EAP-DSRK                       |  0  | 0-1 |
    EAP-DSRK-Name                  |  0  | 0-1 |
    EAP-DSRK-Lifetime              |  0  | 0-1 |
    EAP-rMSK                       |  0  | 0-1 |
    EAP-rMSK-Name                  |  0  | 0-1 |
    EAP-rMSK-Lifetime              |  0  | 0-1 |
                                   +-----+-----+

           Figure 3: DER and DEA Commands AVP Table

When the EAP-DSRK AVP is present in the DEA, the EAP-DSRK-Name and
the EAP-DSRK-Lifetime AVPs MUST also be present.
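The DER/DEA exchange of Section 3.1 and the occurrence rules of the table above, as an added Python example that is not part of this draft: it encodes the draft's AVPs in the RFC 3588 AVP format, parses them back with length validation, counts occurrences against Figure 3, and rejects a DEA that carries EAP-DSRK without EAP-DSRK-Name and EAP-DSRK-Lifetime. The draft leaves its AVP codes "TBD", so the numeric codes below are constructed placeholders; the command code, application identifier and Result-Code values are the real ones from RFC 3588 and RFC 4072, and the hop-by-hop and end-to-end identifiers are constructed.

```python
"""Encode and validate the DER/DEA AVPs of this draft (added example, not draft text)."""
import struct

DIAMETER_VERSION = 1
CMD_EAP = 268        # Diameter-EAP-Request (DER) and -Answer (DEA) share command code 268
APP_ID_EAP = 5       # Diameter EAP Application identifier (RFC 4072)
CMD_FLAG_R = 0x80    # command flag: Request
AVP_FLAG_V = 0x80    # AVP flag: Vendor-ID present
AVP_FLAG_M = 0x40    # AVP flag: Mandatory
RESULT_CODE = 268    # Result-Code AVP (RFC 3588), Unsigned32
DIAMETER_SUCCESS = 2001

# The draft leaves these AVP codes "TBD": the numbers here are CONSTRUCTED placeholders.
EAP_LOCAL_DOMAIN_NAME = 999001
EAP_DSRK = 999002
EAP_DSRK_NAME = 999003
EAP_DSRK_LIFETIME = 999004
EAP_RMSK = 999005
EAP_RMSK_NAME = 999006
EAP_RMSK_LIFETIME = 999007
DRAFT_AVPS = {
    EAP_LOCAL_DOMAIN_NAME: "EAP-Local-Domain-Name", EAP_DSRK: "EAP-DSRK",
    EAP_DSRK_NAME: "EAP-DSRK-Name", EAP_DSRK_LIFETIME: "EAP-DSRK-Lifetime",
    EAP_RMSK: "EAP-rMSK", EAP_RMSK_NAME: "EAP-rMSK-Name", EAP_RMSK_LIFETIME: "EAP-rMSK-Lifetime",
}
# (min, max) occurrences per command, transcribed from Figure 3; unlisted codes are 0.
OCCURRENCE = {"DER": {EAP_LOCAL_DOMAIN_NAME: (1, 1)},
              "DEA": {code: (0, 1) for code in DRAFT_AVPS}}


def encode_avp(code, data, mandatory=True):
    """RFC 3588 AVP: Code(4) Flags(1) Length(3) Data, padded to a 4-octet boundary."""
    length = 8 + len(data)                      # length excludes padding
    flags = AVP_FLAG_M if mandatory else 0
    header = struct.pack("!IB", code, flags) + length.to_bytes(3, "big")
    return header + data + b"\x00" * ((-len(data)) % 4)


def encode_message(request, avps):
    """RFC 3588 20-octet header followed by the AVPs; hop/end identifiers are constructed."""
    body = b"".join(avps)
    header = (bytes([DIAMETER_VERSION]) + (20 + len(body)).to_bytes(3, "big")
              + bytes([CMD_FLAG_R if request else 0]) + CMD_EAP.to_bytes(3, "big")
              + struct.pack("!III", APP_ID_EAP, 0x00010001, 0x00020002))
    return header + body


def decode_message(raw):
    """Return (command name, [(avp code, data)]); every length field is checked first."""
    if len(raw) < 20 or raw[0] != DIAMETER_VERSION:
        raise ValueError("not a Diameter version 1 message")
    total = int.from_bytes(raw[1:4], "big")
    if total != len(raw) or int.from_bytes(raw[5:8], "big") != CMD_EAP:
        raise ValueError("length mismatch or not a DER/DEA")
    cmd_name = "DER" if raw[4] & CMD_FLAG_R else "DEA"
    avps, pos = [], 20
    while pos < total:
        if total - pos < 8:
            raise ValueError("truncated AVP header")
        code, flags = struct.unpack("!IB", raw[pos:pos + 5])
        length = int.from_bytes(raw[pos + 5:pos + 8], "big")
        hdr = 12 if flags & AVP_FLAG_V else 8   # Vendor-ID adds four octets
        if length < hdr or pos + length > total:
            raise ValueError("AVP length out of range")
        avps.append((code, raw[pos + hdr:pos + length]))
        pos += length + (-length) % 4           # skip padding
    return cmd_name, avps


def check_occurrence(cmd_name, avps):
    """Violations of Figure 3 and of the rule that EAP-DSRK implies Name and Lifetime."""
    counts = {}
    for code, _ in avps:
        counts[code] = counts.get(code, 0) + 1
    problems = []
    for code, name in DRAFT_AVPS.items():
        lo, hi = OCCURRENCE[cmd_name].get(code, (0, 0))
        n = counts.get(code, 0)
        if not lo <= n <= hi:
            problems.append(f"{name}: {n} occurrence(s) in {cmd_name}, allowed {lo}-{hi}")
    if cmd_name == "DEA" and EAP_DSRK in counts:
        for code in (EAP_DSRK_NAME, EAP_DSRK_LIFETIME):
            if code not in counts:
                problems.append(f"{DRAFT_AVPS[code]} missing although EAP-DSRK is present")
    return problems


def build_der(local_domain):
    """DER from the local server: carries the domain name needed to derive the DSRK."""
    return encode_message(True, [encode_avp(EAP_LOCAL_DOMAIN_NAME, local_domain.encode())])


def build_dea(dsrk, keyname, lifetime_seconds):
    """DEA from the home server: DSRK plus the Name and Lifetime AVPs the draft requires."""
    return encode_message(False, [
        encode_avp(RESULT_CODE, struct.pack("!I", DIAMETER_SUCCESS)),
        encode_avp(EAP_DSRK, dsrk),
        encode_avp(EAP_DSRK_NAME, keyname.encode()),
        encode_avp(EAP_DSRK_LIFETIME, struct.pack("!Q", lifetime_seconds)),  # Unsigned64
    ])


if __name__ == "__main__":
    cmd, avps = decode_message(build_dea(bytes(64), "EMSKname@visited.example", 3600))
    print(cmd, [(DRAFT_AVPS.get(c, c), len(d)) for c, d in avps], check_occurrence(cmd, avps))
    cmd, avps = decode_message(encode_message(False, [encode_avp(EAP_DSRK, bytes(64))]))
    print(check_occurrence(cmd, avps))
```

A receiving proxy would run `decode_message` and then `check_occurrence` before handing the DSRK to the local key store; a DSRK that arrives without its name and lifetime cannot be indexed or expired correctly, which is why the draft makes both AVPs mandatory alongside it.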

7. Security Considerations

The security considerations specified in [RFC 4072], and [RFC 3588] are
applicable to this document.

8. IANA Considerations

This document requires IANA registration of the following new AVPs in
the AVP registry established by [RFC3588]:

   o  EAP-Local-Domain-Name







   o  EAP-DSRK

   o  EAP-DSRK-Name

   o  EAP-DSRK-Lifetime

   o  EAP-rMSK

   o  EAP-rMSK-Name

   o  EAP-rMSK-Lifetime

9. References

9.1. Normative References

   [RFC5296] Narayanan, V. and L. Dondeti, "EAP Extensions for EAP Re-
             authentication Protocol (ERP)", RFC 5296, August 2008.

   [RFC4187] Arkko, J. and H. Haverinen, "Extensible Authentication
             Protocol Method for 3rd Generation Authentication and Key
             Agreement (EAP-AKA)", RFC 4187, January 2006.

   [RFC5295] Salowey, J., Dondeti, L., Narayanan, V., and M. Nakhjiri,
             "Specification for the Derivation of Root Keys from an
             Extended Master Session Key (EMSK)", RFC 5295, August 2008.

   [RFC4072] Eronen, P., Hiller, T., and G. Zorn, "Diameter Extensible
             Authentication Protocol (EAP) Application", RFC 4072,
             August 2005.

   [RFC3588] Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J.
             Arkko, "Diameter Base Protocol", RFC 3588, September 2003.

9.2. Informative References

10. Acknowledgments

   Many thanks to DIME members for their comments.










Authors' Addresses

   Qin Wu
   Huawei Technologies Co.,Ltd.
   Site B, Floor 12F,Huihong Mansion, No.91,Baixia Rd.

   Phone: +86-25-84565892
   Email: sunseawq@huawei.com
