Protocol for Carrying Authentication for Network Access (PANA) Requirements
RFC 4058

Document Type RFC - Informational (May 2005; No errata)
Last updated 2013-03-02
Stream IETF
Formats plain text pdf html
Stream WG state (None)
Consensus Unknown
Document shepherd No shepherd assigned
IESG IESG state RFC 4058 (Informational)
Telechat date
Responsible AD Thomas Narten
Send notices to basavaraj.patil@nokia.com, Alper.Yegin@samsung.com
Network Working Group                                      A. Yegin, Ed.
Request for Comments: 4058                                   Samsung AIT
Category: Informational                                          Y. Ohba
                                                                 Toshiba
                                                                R. Penno
                                                        Juniper Networks
                                                             G. Tsirtsis
                                                                 Flarion
                                                                 C. Wang
                                                                ARO/NCSU
                                                                May 2005

     Protocol for Carrying Authentication for Network Access (PANA)
                              Requirements

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   It is expected that future IP devices will have a variety of access
   technologies to gain network connectivity.  Currently there are
   access-specific mechanisms for providing client information to the
   network for authentication and authorization purposes.  In addition
   to being limited to specific access media (e.g., 802.1X for IEEE 802
   links), some of these protocols are limited to specific network
   topologies (e.g., PPP for point-to-point links).  The goal of this
   document is to identify the requirements for a link-layer agnostic
   protocol that allows a host and a network to authenticate each other
   for network access.  This protocol will run between a client's device
   and an agent in the network where the agent might be a client of the
   AAA infrastructure.

Yegin, et al.                Informational                      [Page 1]
RFC 4058                   PANA Requirements                    May 2005

Table of Contents

   1. Introduction ....................................................3
   2. Requirements Notation ...........................................3
   3. Terminology .....................................................4
   4. Requirements ....................................................4
      4.1. Authentication .............................................4
           4.1.1. Authentication of Client ............................4
           4.1.2. Authorization, Accounting, and Access Control .......6
           4.1.3. Authentication Backend ..............................7
           4.1.4. Identifiers .........................................7
      4.2. IP Address Assignment ......................................7
      4.3. EAP Lower Layer Requirements ...............................7
      4.4. PAA-to-EP Protocol .........................................8
      4.5. Network ....................................................8
           4.5.1. Multi-access ........................................8
           4.5.2. Disconnect Indication ...............................8
           4.5.3. Location of PAA .....................................9
           4.5.4. Secure Channel ......................................9
      4.6. Interaction with Other Protocols ..........................10
      4.7. Performance ...............................................10
      4.8. Congestion Control ........................................10
      4.9. IP Version Independence ...................................10
      4.10. Denial of Service Attacks ................................10
      4.11. Client Identity Privacy ..................................10
   5. Security Considerations ........................................11
   6. Acknowledgements ...............................................11
   A. Problem Statement ..............................................12
   B. Usage Scenarios ................................................13
   References ........................................................16
      Normative References ...........................................16
      Informative References .........................................16

Yegin, et al.                Informational                      [Page 2]
RFC 4058                   PANA Requirements                    May 2005

1.  Introduction

   Secure network access service requires access control based on the
   authentication and authorization of the clients and the access
   networks.  Initial and subsequent client-to-network authentication
   provides parameters that are needed to police the traffic flow
Show full document text