Published by Agatha Daniel. Modified over 8 years ago.
1
EAP-based Mediating Network Discovery and Selection
draft-adrangi-eap-network-discovery-and-selection-00.txt
Nov 10, 2003
Farid Adrangi, Intel Corporation (farid.adrangi@intel.com)
Copyright © 2003, The Internet Society
Acknowledgements: Joe Salowey, Mark Grayson – Cisco; Victor Lortz, Jose Puthenkulam – Intel Corporation; Mark Watson – Nortel; Pasi Eronen – Nokia; Farooq Bari – AT&T Wireless; Johanna Wild – Motorola; Blair Bullock – iPass; Adrian Buckley – RIM; Jari Arkko – Ericsson; Bernard Aboba – Microsoft
2
Scenarios for AAA Traffic
[Diagram: Public Wireless LAN (PWLAN) Access Networks (AN): Tmobile Hotspot, Sprint Hotspot. Mediating Networks (MN): iPass, GRIC. Home Service Networks (HSN): AT&T Wireless. Client: AT&T Subscriber.]
- Sprint has a direct roaming relationship with AT&T HSN
- Tmobile AN has an indirect roaming relationship with AT&T HSN via iPass or GRIC MNs
- AT&T Subscriber has a preferred MN
Assumption: the subscriber has already selected the AP
3
Problem Statement
- EAP-based clients need information on which home networks / Mediating Networks are affiliated with the Access Network
- EAP-based clients need the ability to influence the selection of the Mediating Network used for AAA
- The EAP-based client's "routing expression" needs to work with existing AAA routing paradigms
4
Solution Properties
- Complies with RFC 2284bis
- It may not require any changes to Access Points (AP) already deployed in Access Networks (AN)
5
Solution Concepts
- Uses the EAP-Identity Request to deliver Network Information
- Uses Decorated NAI in EAP-Identity Response to influence the selection of the Mediating Network
6
EAP-Identity Request
There are three possible options for delivering Network Information using an EAP-Identity Request:
  – Use the initial EAP-Identity Request issued by the PWLAN AP
  – Use the initial EAP-Identity Request issued by the PWLAN RADIUS proxy
  – Use a subsequent EAP-Identity Request issued by the PWLAN RADIUS proxy
7
Initial EAP-Identity Request issued by the PWLAN AP
[Sequence diagram. Participants: Subscriber, AP, PWLAN RADIUS Proxy, MN RADIUS Proxy, HSN RADIUS Server. Messages in order:]
  – EAP-Identity Req (Network Info)
  – EAP-Identity Resp (Decorated NAI)
  – Access-Req (EAP-Identity Resp + Decorated NAI)
  – Access-Req (EAP-Identity Resp + Decorated NAI)
  – Access-Req (EAP-Identity Resp + Normal NAI)
  – More EAP Over RADIUS Exchanges
  – Access-Accept
  – EAP-Success
8
Subsequent EAP-Identity Request issued by the PWLAN RADIUS Proxy
[Sequence diagram. Participants: Subscriber, AP, PWLAN RADIUS Proxy, MN RADIUS Proxy, HSN RADIUS Server. Messages in order:]
  – EAP-Identity Req
  – EAP-Identity Resp (Normal NAI)
  – Access-Req (EAP-Identity Resp + Normal NAI)
  – Access-Challenge (EAP-Identity Req + Network Info)
  – EAP-Identity Req (Network Info)
  – EAP-Identity Resp (Decorated NAI)
  – Access-Req (EAP-Identity Resp + Decorated NAI)
  – Access-Req (EAP-Identity Resp + Decorated NAI)
  – Access-Req (EAP-Identity Resp + Normal NAI)
  – More EAP Over RADIUS Exchanges
  – Access-Accept
  – EAP-Success
9
Initial EAP-Identity Request issued by the PWLAN RADIUS Proxy
[Sequence diagram. Participants: Subscriber, AP, PWLAN RADIUS Proxy, MN RADIUS Proxy, HSN RADIUS Server. Messages in order:]
  – Association
  – Access-Req (EAP-Start)
  – Access-Challenge (EAP-Identity Req + Network Info)
  – EAP-Identity Req (Network Info)
  – EAP-Identity Resp (Decorated NAI)
  – Access-Req (EAP-Identity Resp + Decorated NAI)
  – Access-Req (EAP-Identity Resp + Decorated NAI)
  – Access-Req (EAP-Identity Resp + Normal NAI)
  – More EAP Over RADIUS Exchanges
  – Access-Accept
  – EAP-Success
10
Data Model
- Structured as a set of comma-separated attribute names and values
    Attribute=value, …Attribute=value
11
"Realms" Attribute
- The draft defines an attribute for specifying a list of realms corresponding to home or Mediating Networks that are recognized by the PWLAN AN.
- Example:
    Realms=gric.com;mnc123.mcc334.3gppnetwork.org
12
NAI Decoration Format/Syntax
- Selection Criteria
  – MUST be compliant with RFC 2486 & RFC 2706
  – SHOULD be compliant with the majority of the current RADIUS proxies deployed in networks today
- Alternatives
  – Prefix-based Syntax; Example:
      Intermediary/username@homerealm.com
      Intermediary1/intermediary2/username@homerealm.com
  – Suffix-based Syntax; Example:
      homerealm!username@intermediary
      Intermediary2!homerealm!username@intermediary1
      Username\@homerealm@intermediary
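The Data Model, "Realms" attribute and NAI decoration slides combined into one added example (not code from the draft or its authors): a client parses the Network Info, picks a preferred Mediating Network only if the access network advertises it, and builds the decorated NAI; a mediating proxy then strips one hop. All function names are hypothetical, the grammar is inferred from the slide examples, the hop ordering for more than two intermediaries is an assumption, and the escaped `\@` suffix variant is not covered.

```python
# Added illustration: helper names are hypothetical, and the grammar is
# inferred from the slide examples (the slides leave the final syntax open).

def parse_network_info(text):
    """Parse 'Attribute=value,Attribute=value'; Realms becomes a list."""
    info = {}
    for item in text.split(","):
        name, sep, value = item.strip().partition("=")
        if not sep or not name:
            raise ValueError(f"malformed attribute: {item!r}")
        info[name] = value
    info["Realms"] = [r for r in info.get("Realms", "").split(";") if r]
    return info

def pick_mediator(preferred, advertised):
    """Return the first preferred MN realm that the access network advertises."""
    known = {r.lower() for r in advertised}
    return next((p for p in preferred if p.lower() in known), None)

def decorate(user, home, mediators, syntax):
    """Build a decorated NAI; mediators are listed in hop order."""
    if not mediators:
        return f"{user}@{home}"
    if syntax == "prefix":   # intermediary1/intermediary2/username@homerealm
        return "/".join([*mediators, user]) + "@" + home
    # suffix: intermediary2!homerealm!username@intermediary1
    return "!".join([*mediators[1:], home, user]) + "@" + mediators[0]

def strip_hop(nai, syntax):
    """As a mediating proxy would: return (realm named first, remaining NAI)."""
    local, _, realm = nai.rpartition("@")
    if syntax == "prefix":
        hop, sep, rest = local.partition("/")
        return (hop, f"{rest}@{realm}") if sep else (realm, nai)
    nxt, sep, rest = local.partition("!")
    return (realm, f"{rest}@{nxt}") if sep else (realm, nai)

# Constructed sample input, modelled on the Realms example above.
SAMPLE = "Realms=gric.com;mnc123.mcc334.3gppnetwork.org"

if __name__ == "__main__":
    realms = parse_network_info(SAMPLE)["Realms"]
    mn = pick_mediator(["ipass.com", "gric.com"], realms)
    nai = decorate("username", "homerealm.com", [mn], "prefix")
    print(nai, "->", strip_hop(nai, "prefix"))
```

A username that itself contains `/` or `!` makes either syntax ambiguous, so a real parser would need the escaping rules the draft has yet to settle.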
13
Next Steps
- How should we proceed with this draft?
  – Which WG does this belong to?
  – Should this be submitted as an individual RFC?
- Which NAI format and syntax should be used?
- Resolve upcoming issues