Internet Engineering Task Force (IETF) P. Duffy
Request for Comments: 6345 Cisco
Category: Standards Track S. Chakrabarti
ISSN: 2070-1721 Ericsson
R. Cragie
PG&E
Y. Ohba, Ed.
Toshiba
A. Yegin
Samsung
August 2011
Protocol for Carrying Authentication for Network Access (PANA)
Relay Element
Abstract
This document specifies Protocol for carrying Authentication for
Network Access (PANA) Relay Element functionality, which enables PANA
messaging between a PANA Client (PaC) and a PANA Authentication Agent
(PAA) where the two nodes cannot reach each other by means of regular
IP routing.
Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 5741.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc6345.
Duffy, et al. Standards Track [Page 1]RFC 6345 PANA Relay Element August 2011Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction ....................................................2
1.1. Specification of Requirements ..............................3
2. PANA Relay Element ..............................................3
3. Security of Messages Sent between PRE and PAA ...................5
4. PANA Messages for Relay Operation ...............................7
4.1. PANA-Relay .................................................7
5. PANA AVPs for Relay Operation ...................................7
5.1. PaC-Information AVP ........................................7
5.2. Relayed-Message AVP ........................................7
6. Security Considerations .........................................8
7. IANA Considerations ............................................10
8. Acknowledgments ................................................10
9. References .....................................................10
9.1. Normative References ......................................10
9.2. Informative References ....................................11
1. Introduction
Protocol for carrying Authentication for Network Access (PANA)
[RFC5191] is a UDP-based protocol to perform Extensible
Authentication Protocol (EAP) authentication between a PANA Client
(PaC) and a PANA Authentication Agent (PAA).
This document specifies PANA Relay Element (PRE) functionality, which
enables PANA messaging between a PaC and a PAA where the two nodes
cannot reach each other by means of regular IP routing. For example,
in ZigBee IP [ZIGBEEIP] that uses 6LoWPAN [RFC4944], a joining node
(PaC) can only use a link-local IPv6 address to communicate with a
parent node prior to PANA authentication. The PAA typically resides
in a 6LowPAN Border Router (6LBR) [6LoWPAN-ND], which is often
Duffy, et al. Standards Track [Page 2]RFC 6345 PANA Relay Element August 2011
multiple IP hops away from the PaC. The PRE implemented on the
parent node is used for relaying PANA messages between the PaC and
datatracker.ietf.org