draft-ietf-dime-erp-02

Slides:



Advertisements
Similar presentations
Diameter Bulk Signaling draft-liebsch-dime-diameter-bulksig-00.txt M. Liebsch, G. Punz IETF81, Quebec Diameter Maintenance and Extensions (DIME) WG 28.
Advertisements

Benoit Lourdelet Wojciech Dec Behcet Sarikaya Glen Zorn July 2009 IPv6 RADIUS attributes for IPv6 access networks IETF-75
RADEXT WG IETF-71 Agenda Friday, March 14, :00 – 11:30 AM.
1Nokia Siemens Networks Presentation / Author / Date University of Twente On the Security of the Mobile IP Protocol Family Ulrike Meyer and Hannes Tschofenig.
Draft-ietf-dime-agent-overload- 01.txt. Agenda Extensions to DOIC Questions Review of representative use cases.
DIME #74 Jouni Korhonen draft-ietf-dime-pmip6 draft-ietf-dime-nai-routing.
IETF 58 PANA WG PANA Update and Open Issues (draft-ietf-pana-pana-02.txt) Dan Forsberg, Yoshihiro Ohba, Basavaraj Patil, Hannes Tschofenig, Alper Yegin.
IETF-63Bridgewater/Samsung PANA RADIUS PANA RADIUS draft-ietf-pana-aaa-interworking-00.txt Avi Lior, Bridgewater Systems Alper.
ERP for IKEv2 draft-nir-ipsecme-erx-01. Why ERP for IKEv2? RFC 5296 and the bis document define a quick re- authentication protocol for EAP. ERP requires.
IPv6 RADIUS attributes for IPv6 access networks draft-lourdelet-radext-ipv6-access-01 Glen Zorn, Benoit Lourdelet Wojciech Dec, Behcet Sarikaya Radext/dhc.
Report about the Design Team on "Diameter Routing" (Tina Tsou)
IEEE MEDIA INDEPENDENT HANDOVER DCN: Title: Problem Statement for Authentication Signaling Optimization Date.
DIME Rechartering Hannes Tschofenig & Dave Frascone.
Hokey IETF 81 Quebec1 EAP Extensions for EAP Re- authentication Protocol draft-ietf-hokey-rfc5296bis-04 Qin Wu Zhen Cao Yang Shi Baohong He.
DIME WG IETF 79 DIME WG Status & Other Stuff Thursday, November 11, 2010 Jouni Korhonen, Lionel Morand.
July 16, Diameter EAP Application (draft-ietf-aaa-eap-02.txt) on behalf of...
March 15, 2005 IETF #62 Minneapolis1 EAP Discovery draft-adrangi-eap-network-discovery-10.txt Farid Adrangi ( )
Dime WG Status Update IETF#80, 1-April Agenda overview Agenda bashing WG status update Active drafts Recently expired IESG processing Current milestones.
1 RADIUS Mobile IPv6 Support draft-ietf-mip6-radius-01.txt Kuntal Chowdhury Avi Lior Hannes Tschofenig.
EAP Extensions for EAP Re- authentication Protocol (ERP) draft-wu-hokey-rfc5296bis-01 Yang Shi Qin Wu Zhen Cao
IETF65 DIME WG V. Fajardo, A. McNamee, J. Bournelle and H. Tschofenig Diameter Inter Operability Test Suites (draft-fajardo-dime-interop-test-suite-00.txt)
IETF67 DIME WG Towards the specification of a Diameter Resource Control Application Dong Sun IETF 67, San Diego, Nov 2006 draft-sun-dime-diameter-resource-control-requirements-00.txt.
1 NetLMM Vidya Narayanan Jonne Soininen
AAAv6 Charles E. Perkins Patrik Flykt Thomas Eklund.
EAP Extensions for EAP Re- authentication Protocol (ERP) draft-wu-hokey-rfc5296bis-01 Glen Zorn Qin Wu Zhen Cao.
ERP/AAK support for Inter-AAA realm handover discussion Hao Wang, Tina Tsou, Richard.
2006/7/10IETF66 RADEXT WG1 Pre-authentication AAA Requirements Yoshihiro Ohba Alper Yegin
Washinton D.C., November 2004 IETF 61 st – mip6 WG MIPv6 authorization and configuration based on EAP (draft-giaretta-mip6-authorization-eap-02) Gerardo.
Nov. 9, 2004IETF61 PANA WG PANA Specification Last Call Issues Yoshihiro Ohba, Alper Yegin, Basavaraj Patil, D. Forsberg, Hannes Tschofenig.
DHCP options for PAA Status report of draft-ietf-dhc-paa-option-01.txt Lionel Morand IETF-65, Dallas.
Diameter Group Signaling draft-jones-diameter-group-signaling-00 Mark Jones Taipei, Taiwan November 2011.
Diameter Parameter Query draft-winterbottom-dime-param-query-01.txt J. Winterbottom, H. Tschofenig, R. Bellis.
Diameter SIP Application
Minneapolis, March 2005 IETF 62 nd – mip6 WG Goals for AAA-HA interface (draft-giaretta-mip6-aaa-ha-goals-00) Gerardo Giaretta Ivano Guardini Elena Demaria.
Diameter Mobile IPv6: HA-to-AAAH support draft-ietf-dime-mip6-split-01.txt Julien Bournelle (Ed.) Gerardo Giaretta Hannes Tschofenig Madjid Nakhjiri.
DIME WG IETF 84 Diameter Design Guidelines draft-ietf-dime-app-design-guide-15 Tuesday, July 31, 2012 Lionel Morand.
Load Balance for Distributed Home Agents in Mobile IPv6 Authors: R. ZhangChina Telecom X.L. Huang UCLA K. Zhang Tsinghua Univ. H. DengHitachi (China) draft-deng-mip6-ha-loadbalance-01.txt.
62 nd IETF RADIUS Bandwidth Capability Avi Lior, Bridgewater Systems Farid Adrangi, Intel Paul Congdon, ProCurve Networking Business Chuck Black, ProCurve.
MIP6 RADIUS IETF-72 Update draft-ietf-mip6-radius-05.txt A. LiorBridgewater Systems K. ChowdhuryStarent Networks H. Tschofenig Nokia Siemens Networks.
1 IEEE MEDIA INDEPENDENT HANDOVER DCN: Title: EAP Pre-authentication Problem Statement in IETF HOKEY WG Date Submitted: September,
IETF68 DIME WG Diameter Applications Design Guidelines Document (draft-fajardo-dime-app-design-guide-00.txt)
San Diego, November 2006 IETF 67 th – mip6 WG Goals for AAA-HA interface (draft-ietf-mip6-aaa-ha-goals-03) Gerardo Giaretta Ivano Guardini Elena Demaria.
DIME Virtual Interim Meeting 19th February, 8PM PST Dave Frascone Hannes Tschofenig.
11/20/2002AAA Agenda- IETF 55 Atlanta1 Authentication, Authorization, Accounting (AAA) WG Chairs: Bernard Aboba Dave Mitton.
11/20/2002IETF 55 - AAA WG, NASREQ-101 Diameter-Nasreq-10 Dave Mitton, Most recent Document Editor With Contributions from David Spence & Glen Zorn.
Pre-authentication Problem Statement (draft-ohba-hokeyp-preauth-ps-00
Informing AAA about what lower layer protocol is carrying EAP
RADEXT WG RADIUS Attributes for WLAN Draft-aboba-radext-wlan-00.txt
PANA Discussion and Open Issues (draft-ietf-pana-pana-01.txt)
and answer command CCF Friday, April 5th 2016
Hokey Architecture Deployment and Implementation
Handover Keys using AAA (draft-vidya-mipshop-fast-handover-aaa-01.txt)
Carrying Location Objects in RADIUS
Pre-authentication Overview
Diameter Base and CCA MIBs
Lionel Morand DHCP options for PAA Lionel Morand
IETF80, Prague Diameter Maintenance and Extensions (DIME) WG
Report about the Design Team on "Diameter Routing" ietf
ERP extension for EAP Early-authentication Protocol (EEP)
AAA Support for ERP draft-gaonkar-radext-erp-attrs
The 66th IETF meeting in Montreal, Canada
ERP/AAK support for Inter-AAA realm handover discussion
IPv4 Support for Proxy Mobile IPv6 Ryuji Wakikawa & Sri Gundavelli
IEEE MEDIA INDEPENDENT HANDOVER DCN: Title: IETF Liaison Report Date Submitted: March 18, 2010 Presented at IEEE session.
3GPP and SIP-AAA requirements
PMIP6 extensions for inter-access handovers and flow mobility
Qin Wu Zhen Cao Yang Shi Baohong He
Diameter ABFAB Application
IEEE MEDIA INDEPENDENT HANDOVER DCN: Title: IETF Liaison Report Date Submitted: May 17, 2012 Presented at IEEE session.
Presentation transcript:

draft-ietf-dime-erp-02 Diameter ERP Julien Bournelle Sebastien Decugis Lionel Morand Qin Wu Glen Zorn draft-ietf-dime-erp-02

Changelog & Status From 00 to 01: From 01 to 02: New Application ID for ERP (decided at IETF75) Renaming of the AVP’s (EAP-* to ERP-*) From 01 to 02: Changes in document authors Mainly editorial changes The document is in good shape But 2 important design issues are remaining Can we discuss these today ?

Issue #1 : Handovers ERP allows authentication without signaling to the home realm. But is it desirable that the home server is not aware of the current point of attachment of the peer ? Some issues to solve if we allow handovers in Diam.ERP: Routing server initiated messages to the correct NAS Managing the User-Name & Session-Id (for accounting) Interaction with a mobility application (Diameter MIP6, …) Is it better to focus on optimizing a mobility application (MIP4, MIP6) with ERP for handover scenario ?

Issue #2: Authorization The home realm provides an initial set of authorization attributes to the peer (authorization lifetime, …) Re-authentication usually occurs when the session needs to be extended (we don’t consider handovers here). Local ERP server must not extend the authorization Home realm approval is required for responsibility / liability Is there any benefit in having local ERP server cache the original authorization attributes ? Or can we limit its role to AUTHENTICATE_ONLY ? And is it useful at all to have a local ERP server ?

Thank you!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.