Data Objects and Message Types 49 th IETF AAAarch Research Group David Spence Interlink Networks

Message Types Service request/reply Authorization request/reply Solicit Service Offer request/reply Authentication request/reply Authentication Challenge request/reply Policy request/reply Policy Evaluation request/reply Data request/reply Event Log indication/confirmation Accounting indication/confirmation Service (session) Configuration indication/confirmation Service (session) Management indication/confirmation Capability request/reply (supports resource discovery)

Top Level Objects Identity Authentication Data Authentication Challenge Service Data Service Offer Answer Error Policy Policy Reference Policy Data Configuration Data Service Management Accounting Event Capability

Relation of Objects to Message Types

Service request/reply A Service Request is a request to provide some service. It may be passed through a chain of AAA entities depending on whether the push, pull, or agent model is being used. Implicit in a request for service is a request for authentication and authorization. Typical top level objects carried in a Service Request include: – Identity – Authentication Data – Service Data or Service Specification Policy – Policy Data A Service Reply is returned back down the chain. It may be positive or negative. If positive, it might contain objects such as: – Answer (= Yes) – Service Data (the negotiated service parameters) – Configuration Data (to be sent to the service equipment) If the reply is negative it might contain objects such as: – Answer (= No) – Error – Service Offer