Authentication, Authorization, and Accounting (AAA) Goals for Mobile IPv6
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org>
To: IETF-Announce <email@example.com>
Cc: Internet Architecture Board <firstname.lastname@example.org>, RFC Editor <email@example.com>, mext mailing list <firstname.lastname@example.org>, mext chair <email@example.com>
Subject: Document Action: 'AAA Goals for Mobile IPv6' to Informational RFC

The IESG has approved the following document:

- 'AAA Goals for Mobile IPv6' <draft-ietf-mext-aaa-ha-goals-01.txt> as an Informational RFC

This document is the product of the Mobility EXTensions for IPv6 Working Group.

The IESG contact persons are Jari Arkko and Mark Townsley.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-mext-aaa-ha-goals-01.txt

Technical Summary

Mobile IPv6 provides the basic IP mobility functionality for IPv6. When Mobile IPv6 is used in tightly managed environments with the use of the AAA (Authentication, Authorization and Accounting) infrastructure, an interface between Mobile IPv6 and AAA protocols needs to be defined. Also, two scenarios for bootstrapping Mobile IPv6 service, i.e., split and integrated scenarios, require the specification of a message exchange between the HA and AAA infrastructure for authentication and authorization purposes and a message exchange between the AAA server and the NAS in order to provide the visited network with the necessary configuration information (e.g. Home Agent address).

This document describes various scenarios where a AAA interface is required. Additionally, it lists design goals and requirements for the communication between the HA and the AAA server and the NAS and the AAA server needed in the split and integrated scenarios. Requirements are listed in case either IPsec or RFC 4285 is used for Mobile IPv6 authentication.

This document only describes requirements, goals and scenarios. It does not provide solutions.

Working Group Summary

This is a product of the MEXT WG.

Document Quality

The document does not specify a protocol but a set of goals. As such, there is no implementation of it, nor plans to implement it. There was, however, a strong expression of interest in this document from the DIME WG, which this document is an input to. There was a thorough review of the document from Hannes Tschofenig.

Personnel

The document shepherd is Marcelo Bagnulo. The responsible AD is Jari Arkko.

RFC Editor Note

In the abstract, change s/AAA/Authentication, Authorization, and Accounting (AAA)/

In section 4.2, change: s/AAAH/AAAH (AAA server in Home network)/

In Section 4.1 s/vailidity/validity/

In Section 4.2 s/The Home Agent can the assigned/The Home Agent can be assigned/

Also, make the following change:

OLD:
G4.4 The HA SHOULD be able to request the AAAH server to authenticate the MN with the value in the MN-AAA Mobility Message Authentication Option.

NEW:
G4.4 The HA supporting the Authentication Protocol MUST be able to request the AAAH server to authenticate the MN with the value in the MN-AAA Mobility Message Authentication Option.

and the following:

OLD:
G6.3 The ASP/MSP SHOULD be able to indicate to the MSA if it can allocate a Home Agent to the MN. Therefore the NAS SHOULD be able to include suggested HA address in the ASP in the NAS - AAA interaction.

NEW:
G6.3 The ASP/MSP supporting the allocation of a Home Agent MUST be able to indicate to the MSA if it can allocate a Home Agent to the MN. Therefore the NAS MUST be able to include suggested HA address in the ASP in the NAS - AAA interaction.

and finally, in Section 5.5, change:

OLD:
The AAAH SHOULD be able to indicate to the HA if the MN is authorized to autoconfigure its Home Address.

NEW:
The AAAH SHOULD be able to indicate to the HA if the MN is authorized to autoconfigure its Home Address. If the AAAH does not indicate to the HA if a MN is authorized to autoconfigure its address, the MN is not authorized.