Extensions to the Emergency Services Architecture for dealing with Unauthenticated and Unauthorized Devices draft-ietf-ecrit-unauthenticated-access-03.txt.


Status
– draft-ietf-ecrit-unauthenticated-access-02.txt received a number of review comments from Bernard Aboba, Martin Thomson, and Marc Linsner.
– Main issues on the next few slides.
– draft-ietf-ecrit-unauthenticated-access-03.txt addresses editorial comments and minor comments.

Issue #1: No Access Authentication (NAA)
[Flowchart. Nodes: "Start", "Lower-layer attach", "Waiting for ES call initiation". Decision nodes (yes/no): "Credentials for network access authentication available?", "Emergency NW attach possible?", "ASP configured?", "Authorized to make ES call?". Outcomes: NAA, NASP, PhoneBCP, ZBP, and "Tell user that ES call is not allowed in jurisdiction".]

Call Flow
[Figure: call flow between the Location Information Server, the Routing Database, the VSP SIP Proxy and the PSAP, with steps numbered (1) to (5). Message labels: "Location"; "Location + Service Identifier"; "PSAP URI + emergency number"; "dial"; and, shown twice, "INVITE, Request URI: urn:service:sos, To: urn:service:sos, Route Header: PSAP URI".]
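
The INVITE marking shown on the Call Flow slide (Request URI and To set to urn:service:sos, Route header carrying the PSAP URI) can be checked mechanically, for example at a proxy in front of a PSAP. This is an added example, not part of the original slides or the draft; the sample message, host names and function names are constructed, and accepting sub-services such as urn:service:sos.fire (RFC 5031) and treating any sip:/sips: Route entry as a PSAP URI are assumptions that go beyond the slide.

```python
import re

# Constructed sample message (not from the slides); host names are placeholders.
SAMPLE_INVITE = (
    "INVITE urn:service:sos SIP/2.0\r\n"
    "Via: SIP/2.0/TCP ua.example.net;branch=z9hG4bK74bf9\r\n"
    "Route: <sip:psap.example.org;lr>\r\n"
    "To: <urn:service:sos>\r\n"
    "From: <sip:anonymous@anonymous.invalid>;tag=9fxced76sl\r\n"
    "Call-ID: 3848276298220188511@ua.example.net\r\n"
    "CSeq: 1 INVITE\r\n"
    "\r\n"
)

# Assumption: sub-services (urn:service:sos.fire, ...) count as emergency too.
SOS_URN = re.compile(r"^urn:service:sos(\.[a-z0-9-]+)*$", re.IGNORECASE)
COMPACT = {"t": "to", "f": "from", "v": "via", "i": "call-id"}

def parse_request(raw):
    """Split a SIP request into (method, request_uri, {header: [values]})."""
    head = raw.split("\r\n\r\n", 1)[0]
    head = re.sub(r"\r\n[ \t]+", " ", head)  # unfold continuation lines
    lines = head.split("\r\n")
    method, uri, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        name = name.strip().lower()  # header names are case-insensitive
        headers.setdefault(COMPACT.get(name, name), []).append(value.strip())
    return method, uri, headers

def addr_uri(value):
    """Return the URI from a name-addr (<uri>) or bare addr-spec header value."""
    m = re.search(r"<([^>]*)>", value)
    return m.group(1) if m else value.split(";", 1)[0].strip()

def check_emergency_invite(raw):
    """List deviations from the marking shown on the Call Flow slide."""
    method, uri, headers = parse_request(raw)
    problems = []
    if method != "INVITE":
        problems.append("not an INVITE")
    if not SOS_URN.match(uri):
        problems.append("Request-URI is not urn:service:sos")
    if not SOS_URN.match(addr_uri(headers.get("to", [""])[0])):
        problems.append("To is not urn:service:sos")
    routes = [r for v in headers.get("route", []) for r in v.split(",")]
    # Assumption: the PSAP URI is a sip: or sips: URI in the topmost Route entry.
    if not routes or not addr_uri(routes[0]).lower().startswith(("sip:", "sips:")):
        problems.append("no Route header carrying a PSAP URI")
    return problems
```
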

Issue #2: The State of Hotspot Access
– Bernard illustrated that the current hotspot access is quite bad and there is no easy way to get to the functionality we would need.
– The currently described functionality captures the envisioned end state and does not explain how to get to that state given the nastiness of today's network deployments.
– On one hand we want to provide a technical write-up about the functionality that is needed to make calls in the NAA case, but on the other hand we need to point to the problems to get there.

Issue #3: Lack of network access authorization
– The NAA case only focuses on the lack of credentials but does not consider the case where credentials are available but network access authorization fails nevertheless.
– Lack of authorization at the application layer is covered.

Network Access Authentication Architecture
[Figure: three entities, "End Host / EAP Peer", "Network Access Server / Authenticator / AAA Client" and "AAA Server / EAP server". Component labels: "EAP peer (supplicant)", "EAP lower Layer (e.g., i)" (on both the end host and the network access server), "AAA Client", "AAA Server", "EAP server". Exchange labels: "EAP method", "EAP", "MSK".]

Issue #4: Document Writing Style
An editorial question was raised by Martin as well.
– Currently, the draft states the steps that are necessary for performing the emergency call. There are only a few steps.
– Martin suggested instead referencing the selected parts from the phone BCP and saying what is not applicable.
– Another option is to provide a summary of what is different.