Presentation is loading. Please wait.

Presentation is loading. Please wait.

DHCPv4 option for PANA Authentication Agents draft-suraj-dhcpv4-paa-option-00.txt DHC/PANA WG IETF-63 France, Paris.

Published bySilvester Poole Modified over 8 years ago

Similar presentations

Presentation on theme: "DHCPv4 option for PANA Authentication Agents draft-suraj-dhcpv4-paa-option-00.txt DHC/PANA WG IETF-63 France, Paris."— Presentation transcript:

1 DHCPv4 option for PANA Authentication Agents draft-suraj-dhcpv4-paa-option-00.txt DHC/PANA WG IETF-63 France, Paris

2 The Protocol for carrying Authentication for Network Access (PANA)  The PANA protocol is run between a PANA Client (PaC) and a PANA Authentication Agent (PAA) in order to perform authentication and authorization for the network access service.  Accessing the network, the PaC needs to discover the PAA to be authenticated

3 PAA discovery – Possible ways Existing Manual Configuration Multicast based Proposed DHCP based

4 PANA Authentication Agent DHCPv4 Option  A new DHCPv4 option that allows PANA client (PaC) to discover PANA Authentication Agents (PAA).  It carries either a 32-bit (binary) IPv4 address list or, preferably, a domain name list.

5 Option Format +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | option-code | option-length | enc |... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | PAA Domain Name List | |... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ DHCPv4 option for PAA Domain Name List +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | option-code | option-length | enc |... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | PAA IP Address |... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ DHCPv4 option for PAA IPv4 Address List

6 Operations  The client requests PAA DHCPv4 Option in a Parameter Request List  If a DHCPv4 server is configured with both PAA domain name list and PAA IP address list, the DHCPv4 server should responds to the request with the domain name list to be used by the PANA client.

7 Security Consideration  If an adversary manages to modify the response from a DHCP server or insert its own response, a PANA Client could be led to contact a rogue PANA Agent, possibly one that then intercepts call requests or denies service.  This is a well-known threat with DHCP but that this doesn't introduce a new security hole in the PANA framework.

8 Action Plan…..  PANA WG consensus on this I-D  DHC WG ??

9 THANK YOU!

Download ppt "DHCPv4 option for PANA Authentication Agents draft-suraj-dhcpv4-paa-option-00.txt DHC/PANA WG IETF-63 France, Paris."

Similar presentations

Protocol carrying Authentication for Network Access (PANA) Subir Das/Basavaraj Patil Telcordia Technologies Inc./Nokia 12/14/2001.

Protocol carrying Authentication for Network Access (PANA) Subir Das/Basavaraj Patil Telcordia Technologies Inc./Nokia 12/14/2001.
Dynamic Allocation of Shared IPv4 Addresses draft-csf-dhc-dynamic-shared-v4allocation-00 Q. Sun, Y. Cui, I. Farrer, Y. Lee, Q. Sun, M. Boucadair IETF 89,

Dynamic Allocation of Shared IPv4 Addresses draft-csf-dhc-dynamic-shared-v4allocation-00 Q. Sun, Y. Cui, I. Farrer, Y. Lee, Q. Sun, M. Boucadair IETF 89,
DHCPv6.

DHCPv6.
Auto Configuration and Mobility Options in IPv6 By: Hitu Malhotra and Sue Scheckermann.

Auto Configuration and Mobility Options in IPv6 By: Hitu Malhotra and Sue Scheckermann.
Multicast Reconfiguration Protocol for Stateless DHCPv6 DHC 61 st IETF S. Daniel Park

Multicast Reconfiguration Protocol for Stateless DHCPv6 DHC 61 st IETF S. Daniel Park
Draft-ietf-dhc-stateless-dhcpv6- renumbering-01 Tim Chown dhc WG, IETF 60, San Diego, August 2, 2004.

Draft-ietf-dhc-stateless-dhcpv6- renumbering-01 Tim Chown dhc WG, IETF 60, San Diego, August 2, 2004.
PANA Requirements and Terminology - IETF54 -. PANA WG, IETF 54, Requirements and Terminology draft-ietf-pana-requirements-02.txt Changes Comments/questions.

PANA Requirements and Terminology - IETF54 -. PANA WG, IETF 54, Requirements and Terminology draft-ietf-pana-requirements-02.txt Changes Comments/questions.
Host Autoconfiguration ALTTC, Ghaziabad. IPv4 Address and IPv6 equivalents ALTTC, Ghaziabad.

Host Autoconfiguration ALTTC, Ghaziabad. IPv4 Address and IPv6 equivalents ALTTC, Ghaziabad.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing & Switching.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing & Switching.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Lecture14: DHCP Switched Networks Assistant Professor Pongpisit Wuttidittachotti,

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Lecture14: DHCP Switched Networks Assistant Professor Pongpisit Wuttidittachotti,
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing and Switching Essentials.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing and Switching Essentials.
DNS zone suffix option for DHCPv6 (draft-yan-dhc-dhcpv6-opt-dnszone-02.txt) IETF 62 (Minneapolis) Yan Renxiang Alcatel Shanghai Bell.

DNS zone suffix option for DHCPv6 (draft-yan-dhc-dhcpv6-opt-dnszone-02.txt) IETF 62 (Minneapolis) Yan Renxiang Alcatel Shanghai Bell.
1 Service-Oriented Address Assignment Using DHCP draft-ietf-dhc-soa-option-00.txt draft-syam-dhc-soav4-option-00.txt Syam Madanapalli Samsung ISO IETF.

1 Service-Oriented Address Assignment Using DHCP draft-ietf-dhc-soa-option-00.txt draft-syam-dhc-soav4-option-00.txt Syam Madanapalli Samsung ISO IETF.
PaC with unspecified IP address. Requirements Assigning an IP address to the client is outside the scope of PANA. PANA protocol design MAY require the.

PaC with unspecified IP address. Requirements Assigning an IP address to the client is outside the scope of PANA. PANA protocol design MAY require the.
1 Anycast Address Assignment Using DHCPv6 draft-madanapalli-dhcpv6-anycast-00 Syam Madanapalli Samsung ISO IETF 61 – Washington, DC.

1 Anycast Address Assignment Using DHCPv6 draft-madanapalli-dhcpv6-anycast-00 Syam Madanapalli Samsung ISO IETF 61 – Washington, DC.
DHCP: Dual-Stack Issues draft-ietf-dhc-dual-stack-01 Tim Chown dhc WG, IETF 60, San Diego, August 2, 2004.

DHCP: Dual-Stack Issues draft-ietf-dhc-dual-stack-01 Tim Chown dhc WG, IETF 60, San Diego, August 2, 2004.
IPv6 RADIUS attributes for IPv6 access networks draft-lourdelet-radext-ipv6-access-01 Glen Zorn, Benoit Lourdelet Wojciech Dec, Behcet Sarikaya Radext/dhc.

IPv6 RADIUS attributes for IPv6 access networks draft-lourdelet-radext-ipv6-access-01 Glen Zorn, Benoit Lourdelet Wojciech Dec, Behcet Sarikaya Radext/dhc.
IPv6 Address autoconfiguration stateless & stateful.

IPv6 Address autoconfiguration stateless & stateful.
IPv6 Autoconfiguration Stateless and Stateful. Copy... Rights This slide set is the ownership of the 6DISS project via its partners The Powerpoint version.

IPv6 Autoconfiguration Stateless and Stateful. Copy... Rights This slide set is the ownership of the 6DISS project via its partners The Powerpoint version.
DNS zone suffix option for DHCPv6 (draft-yan-dhc-dhcpv6-opt-dnszone-01.txt) IETF 61 (Washington, DC) Yinglan Jiang Renxiang Yan

DNS zone suffix option for DHCPv6 (draft-yan-dhc-dhcpv6-opt-dnszone-01.txt) IETF 61 (Washington, DC) Yinglan Jiang Renxiang Yan

Similar presentations

Ads by Google