Presentation is loading. Please wait.

Presentation is loading. Please wait.

Diameter Mobile IPv6: HA-to-AAAH support draft-ietf-dime-mip6-split-01.txt Julien Bournelle (Ed.) Gerardo Giaretta Hannes Tschofenig Madjid Nakhjiri.

Published byMarsha Moody Modified over 9 years ago

Similar presentations

Presentation on theme: "Diameter Mobile IPv6: HA-to-AAAH support draft-ietf-dime-mip6-split-01.txt Julien Bournelle (Ed.) Gerardo Giaretta Hannes Tschofenig Madjid Nakhjiri."— Presentation transcript:

1 Diameter Mobile IPv6: HA-to-AAAH support draft-ietf-dime-mip6-split-01.txt Julien Bournelle (Ed.) Gerardo Giaretta Hannes Tschofenig Madjid Nakhjiri

2 Design Choice Long discussion on the DiME ML: –Diameter EAP for network access AAA –Reuse of 4072 would lead to update Separate Authentication from Authorization and Accounting –Authentication: 4072 (AUTHENTICATE_ONLY) –Authorization/Accounting: new Application

3 IKEv2 AUTHZ/ACCTG Diameter MIP6 (AUTHENTICATE_ONLY) Diameter EAP Architecture Home Agent AAA-EAP Server AAA-MIP6 Server MSP MSA

4 A New Application Authorization: 2 New messages: –MIP6-Authz-Request –MIP6-Authz-Answer Accounting: RFC 3588 (+ new AVPs) Session Management: –STR/STA –ASR/ASA

5 Authorization Token Authentication and Authz/Accounting are decorrelated –AAA-MIP6 has no proof that MN has been correctly authenticated (by AAA-EAP) Do we want/need a mechanism for this ? (General mechanism not only applicable to MIP6)

6 HA as single physical device IKEv2 responder may act as: –VPN concentrator –Home Agent How the IKEv2-R know that IKEv2-I want MIP6 service ?

7 Triggering MIP6-Authz App Two applications are used: 4072 and MIP6-App to perform AAA for mip6. When do MIP6-App is used ? –During 4072 Linked to previous issue (if we wait for BU to differentiate) –After 4072 Can’t request for HoA authorization

8 RFC 4285 support 4285 another mechanism to secure mip6 signaling between MN and HA. (no IKEv2) Do/Can we support this in current document ?

9 Acknowledgments Yoshihiro Ohba ENABLE project Orange-FT

Download ppt "Diameter Mobile IPv6: HA-to-AAAH support draft-ietf-dime-mip6-split-01.txt Julien Bournelle (Ed.) Gerardo Giaretta Hannes Tschofenig Madjid Nakhjiri."

Similar presentations

Washinton D.C., November 2004 IETF 61 st – mip6 WG Goals for AAA-HA interface (draft-giaretta-mip6-aaa-ha-goals-00) Gerardo Giaretta Ivano Guardini Elena.

Washinton D.C., November 2004 IETF 61 st – mip6 WG Goals for AAA-HA interface (draft-giaretta-mip6-aaa-ha-goals-00) Gerardo Giaretta Ivano Guardini Elena.
1Nokia Siemens Networks Presentation / Author / Date University of Twente On the Security of the Mobile IP Protocol Family Ulrike Meyer and Hannes Tschofenig.

1Nokia Siemens Networks Presentation / Author / Date University of Twente On the Security of the Mobile IP Protocol Family Ulrike Meyer and Hannes Tschofenig.
H ELSINKI U NIVERSITY OF T ECHNOLOGY AAA Architecture for hierarchical wireless Mobile IPv4 Tom Weckström Telecommunications Software and Multimedia Laboratory.

H ELSINKI U NIVERSITY OF T ECHNOLOGY AAA Architecture for hierarchical wireless Mobile IPv4 Tom Weckström Telecommunications Software and Multimedia Laboratory.
AAA Mobile IPv6 Application Framework draft-yegin-mip6-aaa-fwk-00.txt Alper Yegin IETF 61 – 12 Nov 2004.

AAA Mobile IPv6 Application Framework draft-yegin-mip6-aaa-fwk-00.txt Alper Yegin IETF 61 – 12 Nov 2004.
Mobile IPv6 - NSIS Interaction for Firewall traversal draft-thiruvengadam-nsis-mip6-fw-04 S. Thiruvengadam Hannes Tschofenig Franck Le Niklas Steinleitner.

Mobile IPv6 - NSIS Interaction for Firewall traversal draft-thiruvengadam-nsis-mip6-fw-04 S. Thiruvengadam Hannes Tschofenig Franck Le Niklas Steinleitner.
IETF 58 PANA WG PANA Update and Open Issues (draft-ietf-pana-pana-02.txt) Dan Forsberg, Yoshihiro Ohba, Basavaraj Patil, Hannes Tschofenig, Alper Yegin.

IETF 58 PANA WG PANA Update and Open Issues (draft-ietf-pana-pana-02.txt) Dan Forsberg, Yoshihiro Ohba, Basavaraj Patil, Hannes Tschofenig, Alper Yegin.
Ubiquitous Access Control Workshop 1 7/17/06 Access Control and Authentication for Converged Networks Z. Judy Fu John Strassner Motorola Labs {judy.fu,

Ubiquitous Access Control Workshop 1 7/17/06 Access Control and Authentication for Converged Networks Z. Judy Fu John Strassner Motorola Labs {judy.fu,
Carrying Location Objects in RADIUS Hannes Tschofenig, Farid Adrangi, Avi Lior, Mark Jones.

Carrying Location Objects in RADIUS Hannes Tschofenig, Farid Adrangi, Avi Lior, Mark Jones.
AAA-Mobile IPv6 Frameworks Alper Yegin IETF 62. 2 Objective Identify various frameworks where AAA is used for the Mobile IPv6 service Agree on one (or.

AAA-Mobile IPv6 Frameworks Alper Yegin IETF Objective Identify various frameworks where AAA is used for the Mobile IPv6 service Agree on one (or.
ERP for IKEv2 draft-nir-ipsecme-erx-01. Why ERP for IKEv2? RFC 5296 and the bis document define a quick re- authentication protocol for EAP. ERP requires.

ERP for IKEv2 draft-nir-ipsecme-erx-01. Why ERP for IKEv2? RFC 5296 and the bis document define a quick re- authentication protocol for EAP. ERP requires.
Session Policy Framework using EAP draft-mccann-session-policy-framework-using-eap-00.doc IETF 76 – Hiroshima Stephen McCann, Mike Montemurro.

Session Policy Framework using EAP draft-mccann-session-policy-framework-using-eap-00.doc IETF 76 – Hiroshima Stephen McCann, Mike Montemurro.
November 200461st IETF MIP6 WG Mobile IPv6 Bootstrapping Architecture using DHCP draft-ohba-mip6-boot-arch-dhcp-00 Yoshihiro Ohba, Rafael Marin Lopez,

November st IETF MIP6 WG Mobile IPv6 Bootstrapping Architecture using DHCP draft-ohba-mip6-boot-arch-dhcp-00 Yoshihiro Ohba, Rafael Marin Lopez,
DIME Rechartering Hannes Tschofenig & Dave Frascone.

DIME Rechartering Hannes Tschofenig & Dave Frascone.
August 1, 2005IETF63 PANA WG Pre-authentication Support for PANA (draft-ohba-pana-preauth-00.txt) Yoshihiro Ohba

August 1, 2005IETF63 PANA WG Pre-authentication Support for PANA (draft-ohba-pana-preauth-00.txt) Yoshihiro Ohba
(Preliminary) Gap Analysis Hannes Tschofenig. Goal of this Presentation The IETF has developed a number of security technologies that are applicable to.

(Preliminary) Gap Analysis Hannes Tschofenig. Goal of this Presentation The IETF has developed a number of security technologies that are applicable to.
Subject: Scenarios Designed for the Verification of Mobile IPv6 Enabling Technologies

Subject: Scenarios Designed for the Verification of Mobile IPv6 Enabling Technologies
1 Julien Laganier MEXT WG, IETF-79, Nov. 2010 Authorizing MIPv6 Binding Update with Cryptographically Generated Addresses

1 Julien Laganier MEXT WG, IETF-79, Nov Authorizing MIPv6 Binding Update with Cryptographically Generated Addresses
July 16, 20031 Diameter EAP Application (draft-ietf-aaa-eap-02.txt) on behalf of...

July 16, Diameter EAP Application (draft-ietf-aaa-eap-02.txt) on behalf of...
IETF70 DIME WG1 ; ; Diameter Routing Extensions (draft-tsou-dime-base-routing-ext.

IETF70 DIME WG1 ; ; Diameter Routing Extensions (draft-tsou-dime-base-routing-ext.
1 RADIUS Mobile IPv6 Support draft-ietf-mip6-radius-01.txt Kuntal Chowdhury Avi Lior Hannes Tschofenig.

1 RADIUS Mobile IPv6 Support draft-ietf-mip6-radius-01.txt Kuntal Chowdhury Avi Lior Hannes Tschofenig.

Similar presentations

Ads by Google