DHCP Options for Protocol for Carrying Authentication for Network Access (PANA) Authentication Agents
RFC 5192
|
| Document |
Type |
|
RFC - Proposed Standard
(May 2008; No errata)
|
|
Last updated |
|
2015-10-14
|
|
Stream |
|
IETF
|
|
Formats |
|
plain text
pdf
htmlized
bibtex
|
| Stream |
WG state
|
|
(None)
|
|
Document shepherd |
|
No shepherd assigned
|
| IESG |
IESG state |
|
RFC 5192 (Proposed Standard)
|
|
Consensus Boilerplate |
|
Unknown
|
|
Telechat date |
|
|
|
Responsible AD |
|
Jari Arkko
|
|
Send notices to |
|
alper01.yegin@partner.samsung.com, suraj.kumar@samsung.com, syam@samsung.com
|
Network Working Group L. Morand
Request for Comments: 5192 France Telecom R&D
Category: Standards Track A. Yegin
Samsung
S. Kumar
Tech Mahindra Ltd
S. Madanapalli
Samsung
May 2008
DHCP Options for Protocol for Carrying Authentication for
Network Access (PANA) Authentication Agents
Status of This Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Abstract
This document defines new DHCPv4 and DHCPv6 options that contain a
list of IP addresses to locate one or more PANA (Protocol for
carrying Authentication for Network Access) Authentication Agents
(PAAs). This is one of the methods that a PANA Client (PaC) can use
to locate PAAs.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Specification of Requirements . . . . . . . . . . . . . . . . . 2
3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . 2
4. PANA Authentication Agent DHCPv4 Option . . . . . . . . . . . . 3
5. PANA Authentication Agent DHCPv6 Option . . . . . . . . . . . . 4
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 5
7. Security Considerations . . . . . . . . . . . . . . . . . . . . 5
8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 5
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6
9.1. Normative References . . . . . . . . . . . . . . . . . . . 6
9.2. Informative References . . . . . . . . . . . . . . . . . . 6
Morand, et al. Standards Track [Page 1]
RFC 5192 PAA DHCP Options May 2008
1. Introduction
The Protocol for carrying Authentication for Network Access (PANA)
[RFC5191] defines a new Extensible Authentication Protocol (EAP)
[RFC3748] lower layer that uses IP between the protocol end-points.
The PANA protocol is run between a PANA Client (PaC) and a PANA
Authentication Agent (PAA) in order to perform authentication and
authorization for the network access service.
This document specifies DHCPv4 [RFC2131] and DHCPv6 [RFC3315] options
that allow PANA clients (PaCs) to discover PANA Authentication Agents
(PAAs). This is one of the methods for locating PAAs.
The DHCP options defined in this document are used only as a PAA
discovery mechanism. These DHCP options MUST NOT be used to perform
any negotiation of the use of PANA between the PaC and a PAA.
2. Specification of Requirements
In this document, several words are used to signify the requirements
of the specification. These words are often capitalized. The key
words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD",
"SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document
are to be interpreted as described in [RFC2119].
3. Terminology
This document uses the DHCP terminology defined in [RFC2131],
[RFC2132], and [RFC3315].
This document uses the PANA terminology defined in [RFC5191]. In
particular, the following terms are defined:
PANA Client (PaC):
The client side of the protocol that resides in the access
device (e.g., laptop, PDA, etc.). It is responsible for
providing the credentials in order to prove its identity
(authentication) for network access authorization. The PaC and
the EAP peer are co-located in the same access device.
PANA Authentication Agent (PAA):
The protocol entity in the access network whose responsibility
it is to verify the credentials provided by a PANA client (PaC)
and authorize network access to the access device. The PAA and
Morand, et al. Standards Track [Page 2]
RFC 5192 PAA DHCP Options May 2008
the EAP authenticator (and optionally the EAP server) are
colocated in the same node.
4. PANA Authentication Agent DHCPv4 Option
This DHCPv4 option carries a list of 32-bit (binary) IPv4 addresses
indicating PANA Authentication Agents (PAAs) available to the PANA
client (PaC).
The DHCPv4 option for PANA Authentication Agent has the format shown
Show full document text