One document matched: draft-calhoun-diameter-mobileip-00.txt
INTERNET DRAFT Pat R. Calhoun
Category: Standards Track Charles E. Perkins
Title: draft-calhoun-diameter-mobileip-00.txt Sun Microsystems, Inc.
Date: July 1998
DIAMETER
Mobile IP Extensions
<draft-calhoun-diameter-mobileip-00.txt>
Status of this Memo
This document is an Internet-Draft. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas,
and its working groups. Note that other groups may also distribute
working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as ``work in progress.''
To learn the current status of any Internet-Draft, please check the
``1id-abstracts.txt'' listing contained in the Internet-Drafts Shadow
Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe),
munnari.oz.au (Pacific Rim), ftp.ietf.org (US East Coast), or
ftp.isi.edu (US West Coast).
Abstract
DIAMETER is an Authentication, Authorization and Accounting (AAA)
Policy Protocol that is used between two entities for various
services.
This document defines an extension that allow a DIAMETER Client to
request authentication and receive autorization information for a
Mobile IP Mobile Node.
Calhoun expires January 1999 [Page 1]
INTERNET DRAFT July 1998
Table of Contents
1.0 Introduction
1.1 Specification of Requirements
2.0 Command Codes
2.1 AA-Mobile-Node-Request (AMR)
2.2 AA-Mobile-Node-Answer (AMA)
2.3 Home-Agent-MIP-Request
2.4 Home-Agent-MIP-Answer
3.0 DIAMETER AVPs
3.1 MIP-Registration-Request
3.2 MIP-Registration-Reply
3.3 MN-FA-Challenge
3.4 MN-FA-Response
3.5 MN-FA-SPI
3.6 MN-to-FA-Key
3.7 FA-to-MN-Key
3.8 FA-HA-SPI
3.9 FA-to-HA-Key
3.10 HA-to-FA-Key
3.11 MN-HA-SPI
3.12 MN-to-HA-Key
3.13 HA-to-MN-Key
3.14 Mobile-Node-Address
3.15 Home-Agent-Address
3.16 Session-Timeout
4.0 Protocol Definition
5.0 References
6.0 Authors' Addresses
1.0 Introduction
The Mobile IP [4] protocol defines a method that allows Mobile Nodes
to change their point of attachments on the Internet without service
disruption. The protocol requires that all Mobility Agents share a
pre-existing security association, which leads to scaling problems.
The protocol also does not mention how Mobility Agents account for
services rendered, which does not make it an attractive protocol for
use by service providers.
This draft describes an extension that allows cross-domain
authentication and authorization, assignment of Mobile Node Home
Addresses, assignment of Home Agent as well as Key Distribution to
allows the Mobile IP network to scale in a large network.
The dynamic assignment of Mobile Node and Home Agent addresses makes
this extension useful for Service Providers wishing to provide Mobile
Calhoun expires January 1999 [Page 2]
INTERNET DRAFT July 1998
IP services for mobile nodes.
The soon-to-be DIAMETER Accounting extension will be used to collect
accounting information.
This extension requires small modifications to the Mobile IP protocol
[4], which already exists in the TEP protocol [8], to allow a Mobile
Node to identify itself using an NAI [6] in addition to an IP
address. The use of the NAI is consistent with the current roaming
model which makes use of DIAMETER proxying [7].
The Extension number for this draft is four (4). This value is used
in the Extension-Id AVP as defined in [1].
1.1 Specification of Requirements
In this document, several words are used to signify the requirements
of the specification. These words are often capitalized.
MUST This word, or the adjective "required", means that the
definition is an absolute requirement of the
specification.
MUST NOT This phrase means that the definition is an absolute
prohibition of the specification.
SHOULD This word, or the adjective "recommended", means that
there may exist valid reasons in particular circumstances
to ignore this item, but the full implications must be
understood and carefully weighed before choosing a
different course.
MAY This word, or the adjective "optional", means that this
item is one of an allowed set of alternatives. An
implementation which does not include this option MUST
be prepared to interoperate with another implementation
which does include the option.
2.0 Command Codes
This document defines the following DIAMETER Commands. All DIAMETER
implementations supporting this extension MUST support all of the
following commands:
Calhoun expires January 1999 [Page 3]
INTERNET DRAFT July 1998
Command Name Command Code
-----------------------------------
AA-Mobile-Node-Request 306
AA-Mobile-Node-Answer 307
Home-Agent-MIP-Request 308
Home-Agent-MIP-Answer 309
2.1 AA-Mobile-Node-Request (AMR)
Description
The AA-Mobile-Node-Request is sent by a Foreign Agent acting as a
DIAMETER client to a server to request authentication and
authorization of a Mobile Node.
The AA-Mobile-Node-Request message MUST include the MIP-
Registration-Request, User-Name, MN-FA-Challenge, MN-FA-Response
AVP as well as the Session-Id AVPs.
When the Mobile-Node-Address AVP is absent from the AA-Mobile-
Node-Request, it indicates that a Home Address should be assigned
to the Mobile Node. When the Home-Agent-Address AVP is absent from
the AA-Mobile-Node-Request, it indicates that a Home Agent should
be assigned to the Mobile Node.
Message Format
<AA-Mobile-Node-Request> ::= <DIAMETER Header>
<AA-Mobile-Node-Request Command AVP>
<Session-Id AVP>
<User-Name AVP>
<MIP-Registration-Request AVP>
<MN-FA-Challenge AVP>
<MN-FA-Response AVP>
<Timestamp AVP>
<Initialization-Vector AVP>
{<Integrity-Check-Vector AVP> ||
<Digital-Signature AVP> }
AVP Format
A summary of the AA-Mobile-Node-Request packet format is shown
below. The fields are transmitted from left to right.
Calhoun expires January 1999 [Page 4]
INTERNET DRAFT July 1998
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Length | Reserved |U|T|V|E|H|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Command Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
AVP Code
256 DIAMETER Command
AVP Length
The length of this attribute MUST be 12.
AVP Flags
The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
upon the security model used. The 'V', 'T' and the 'U' bits
MUST NOT be set.
Command Code
The Command Code field MUST be set to 306 (AA-Mobile-Node-
Request).
2.2 AA-Mobile-Node-Answer (AMA)
Description
The AA-Mobile-Node-Answer is sent by the DIAMETER Server to the
client in response to the AA-Mobile-Node-Request message. The
message MUST include the Session-Id, Result-Code, MIP-
Registration-Reply as well as the various key and SPI AVPs (shown
below) and MAY include the Home-Agent-Address and Mobile-Node-
Address AVPs.
When the Home-Agent-Address AVP is present in this message it
contains the Home Agent that was assigned to the Mobile Node. When
the Mobile-Node-Address AVP is present in this message it contains
the Home Address that is being assigned to the Mobile Node.
The following error codes are defined for this message:
Calhoun expires January 1999 [Page 5]
INTERNET DRAFT July 1998
DIAMETER_ERROR_UNKNOWN_DOMAIN 1
This error code is used to indicate to the initiator of the
request that the requested domain is unknown and cannot be
resolved.
DIAMETER_ERROR_USER_UNKNOWN 2
This error code is used to indicate to the initiator that
the username request is not valid.
DIAMETER_ERROR_BAD_PASSWORD 3
This error code indicates that the password provided is
invalid.
DIAMETER_ERROR_CANNOT_AUTHORIZE 4
This error code is used to indicate that the user cannot be
authorized due to the fact that the user has expended local
resources. This could be a result that the server believes
that the user has already spent the number of credits in
his/her account, etc.
Message Format
<AA-Mobile-Node-Answer> ::= <DIAMETER Header>
<AA-Mobile-Node-Answer Command AVP>
<Session-Id AVP>
<Result-Code AVP>
<MIP-Registration-Reply AVP>
<MN-FA-SPI AVP>
<FA-to-MN-Key AVP>
<FA-HA-SPI AVP>
<FA-to-HA-Key AVP>
[<Home-Agent-Address AVP>]
[<Mobile-Node-Address AVP>]
<Timestamp AVP>
<Initialization-Vector AVP>
{<Integrity-Check-Vector AVP> ||
<Digital-Signature AVP> }
AVP Format
A summary of the AA-Mobile-Node-Answer packet format is shown
below. The fields are transmitted from left to right.
Calhoun expires January 1999 [Page 6]
INTERNET DRAFT July 1998
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Length | Reserved |U|T|V|E|H|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Command Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
AVP Code
256 DIAMETER Command
AVP Length
The length of this attribute MUST be 12.
AVP Flags
The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
upon the security model used. The 'V', 'T' and the 'U' bits
MUST NOT be set.
Command Code
The Command Code field MUST be set to 307 (AA-Mobile-Node-
Answer).
2.3 Home-Agent-MIP-Request (HAR)
Description
The Home-Agent-MIP-Request is sent by the home DIAMETER server to
the Home Agent overseeing the Mobile Node to process the Mobile IP
Registration Request.
The Home-Agent-MIP-Request message MUST include the MIP-
Registration-Request, User-Name, Session-Id as well as the SPI and
key AVPs (shown below) to be used by the Mobile Node and the Home
Agent.
When the Mobile-Node-Address AVP is absent from the request it
indicates that the Home Agent MUST assign a Home Address for the
Mobile Node, othewise the value in the Mobile-Node-Address AVP
MUST be used.
Calhoun expires January 1999 [Page 7]
INTERNET DRAFT July 1998
Message Format
<Home-Agent-MIP-Request> ::= <DIAMETER Header>
<Home-Agent-MIP-Request Command AVP>
<Session-Id AVP>
<User-Name AVP>
<MIP-Registration-Request AVP>
<MN-HA-SPI AVP>
<HA-to-MN-Key AVP>
<MN-to-HA-Key AVP>
<FA-HA-SPI AVP>
<HA-to-FA-Key AVP>
<MN-FA-SPI AVP>
<MN-to-FA-Key AVP>
[<Mobile-Node-Address AVP>]
<Timestamp AVP>
<Initialization-Vector AVP>
{<Integrity-Check-Vector AVP> ||
<Digital-Signature AVP> }
AVP Format
A summary of the Home-Agent-MIP-Request packet format is shown
below. The fields are transmitted from left to right.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Length | Reserved |U|T|V|E|H|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Command Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
AVP Code
256 DIAMETER Command
AVP Length
The length of this attribute MUST be 12.
AVP Flags
The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
upon the security model used. The 'V', 'T' and the 'U' bits
MUST NOT be set.
Calhoun expires January 1999 [Page 8]
INTERNET DRAFT July 1998
Command Code
The Command Code field MUST be set to 308 (Home-Agent-MIP-
Request).
2.4 Home-Agent-MIP-Answer (HAA)
Description
The Home-Agent-MIP-Answer is sent by the Home Agent to the home
DIAMETER Server in response to the Home-Agent-MIP-Request. The
message MUST include the Session-Id, Result-Code, MIP-
Registration-Reply and MAY include the Mobile-Node-Address if the
Home Agent was responsible for assigning an address to the Mobile
Node.
The following error codes are defined for this message:
DIAMETER_ERROR_BAD_KEY 1
This error code is used by the Home Agent to indicate to the
local DIAMETER Server that the key generated is invalid.
DIAMETER_ERROR_BAD_HOME_ADDRESS 2
This error code is used by the Home Agent to indicate that
the Home Address chosen by the Mobile Node or assigned by
the local DIAMETER server cannot be handled.
DIAMETER_ERROR_TOO_BUSY 3
This error code is used by the Home Agent to inform the
DIAMETER Server that it cannot handle an extra Mobile Node.
Upon receiving this error the DIAMETER Server can try to use
an alternate Home Agent if available.
DIAMETER_ERROR_MIP_REPLY_FAILURE 4
This error code is used by the Home Agent to inform the
DIAMETER Server that the Registration Request was not
successful.
Message Format
<Home-Agent-MIP-Answer> ::= <DIAMETER Header>
<Home-Agent-MIP-Answer Command AVP>
<Session-Id AVP>
<Result-Code AVP>
<MIP-Registration-Reply AVP>
[<Mobile-Node-Address AVP>]
<Timestamp AVP>
Calhoun expires January 1999 [Page 9]
INTERNET DRAFT July 1998
<Initialization-Vector AVP>
{<Integrity-Check-Vector AVP> ||
<Digital-Signature AVP> }
AVP Format
A summary of the Home-Agent-MIP-Answer packet format is shown
below. The fields are transmitted from left to right.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Length | Reserved |U|T|V|E|H|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Command Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
AVP Code
256 DIAMETER Command
AVP Length
The length of this attribute MUST be 12.
AVP Flags
The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
upon the security model used. The 'V', 'T' and the 'U' bits
MUST NOT be set.
Command Code
The Command Code field MUST be set to 309 (Home-Agent-MIP-
Answer).
3.0 DIAMETER AVPs
This section will define the mandatory AVPs which MUST be supported
by all DIAMETER implementations supporting this extension. The
following AVPs are defined in this document:
Calhoun expires January 1999 [Page 10]
INTERNET DRAFT July 1998
Attribute Name Attribute Code
-----------------------------------
MIP-Registration-Request 320
MIP-Registration-Reply 321
MN-FA-Challenge 322
MN-FA-Response 323
MN-FA-SPI 324
MN-to-FA-Key 325
FA-to-MN-Key 326
FA-HA-SPI 327
FA-to-HA-Key 328
HA-to-FA-Key 329
MN-HA-SPI 330
MN-to-HA-Key 331
HA-to-MN-Key 332
Mobile-Node-Address 333
Home-Agent-Address 334
Session-Timeout 27
3.1 MIP-Registration-Request
Description
This AVP is used to carry the Mobile IP Registration Request [4]
sent by the Mobile Node to the Foreign Agent within a DIAMETER
message.
AVP Format
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Length | Reserved |U|T|V|E|H|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data ...
+-+-+-+-+-+-+-+-+
AVP Code
320 MIP-Registration-Request
AVP Length
The length of this attribute MUST be at least 9.
Calhoun expires January 1999 [Page 11]
INTERNET DRAFT July 1998
AVP Flags
The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
upon the security model used. The 'V', 'T' and the 'U' bits
MUST NOT be set.
Data
The data field contains the Mobile IP Registration Request.
3.2 MIP-Registration-Reply
Description
This AVP is used to carry the Mobile IP Registration Reply [4]
sent by the Home Agent to the Foreign Agent within a DIAMETER
message.
AVP Format
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Length | Reserved |U|T|V|E|H|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data ...
+-+-+-+-+-+-+-+-+
AVP Code
321 MIP-Registration-Reply
AVP Length
The length of this attribute MUST be at least 9.
AVP Flags
The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
upon the security model used. The 'V', 'T' and the 'U' bits
MUST NOT be set.
Data
The data field contains the Mobile IP Registration Reply.
Calhoun expires January 1999 [Page 12]
INTERNET DRAFT July 1998
3.3 MN-FA-Challenge
Description
This AVP contains the Challenge generated by the Foreign Agent to
the Mobile Node as defined in [5].
AVP Format
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Length | Reserved |U|T|V|E|H|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data ...
+-+-+-+-+-+-+-+-+
AVP Code
322 MN-FA-Challenge
AVP Length
The length of this attribute MUST be at least 9.
AVP Flags
The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
upon the security model used. The 'V', 'T' and the 'U' bits
MUST NOT be set.
Data
The data field contains the Foreign Agent's Challenge to the
Mobile Node.
3.4 MN-FA-Response
Description
This AVP contains the Response generated by the Mobile Node as
defined in [5]. The value is the result of the Challenge presented
by the Foreign Agent hashed using the secret the Mobile Node
shares with it's Home DIAMETER Server.
Calhoun expires January 1999 [Page 13]
INTERNET DRAFT July 1998
AVP Format
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Length | Reserved |U|T|V|E|H|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data ...
+-+-+-+-+-+-+-+-+
AVP Code
323 MN-FA-Response
AVP Length
The length of this attribute MUST be at least 9.
AVP Flags
The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
upon the security model used. The 'V', 'T' and the 'U' bits
MUST NOT be set.
Data
The data field contains the Mobile Node's Challenge Response.
3.5 MN-FA-SPI
Description
The MN-FA-SPI is sent in both the Home-Agent-MIP-Request as well
as the AA-Mobile-Node-Answer messages and contains the SPI value
associated with the key generated by the home DIAMETER Server for
use between the Foreign Agent and the Mobile Node (MN-to-FA-Key,
FA-to-MN-Key).
AVP Format
Calhoun expires January 1999 [Page 14]
INTERNET DRAFT July 1998
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Length | Reserved |U|T|V|E|H|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Integer32 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
AVP Code
324 MN-FA-SPI
AVP Length
The length of this attribute MUST be 12.
AVP Flags
The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
upon the security model used. The 'V', 'T' and the 'U' bits
MUST NOT be set.
Integer32
The Integer32 field contains the SPI value associated with the
key shared between the Mobile Node and the Foreign Agent.
3.6 MN-to-FA-Key
Description
This AVP contains the Key generated by the home DIAMETER Server
that must be used by the Mobile Node when computing the Mobile-
Foreign- Authentication-Extension in the Mobile IP Registration
Request [4].
AVP Format
Calhoun expires January 1999 [Page 15]
INTERNET DRAFT July 1998
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Length | Reserved |U|T|V|E|H|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data ...
+-+-+-+-+-+-+-+-+
AVP Code
325 MN-to-FA-Key
AVP Length
The length of this attribute MUST be at least 9.
AVP Flags
The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
upon the security model used. The 'V', 'T' and the 'U' bits
MUST NOT be set.
Data
The data field contains the encrypted key to be used by the
Mobile Node when generating the Mobile IP Mobile-Foreign-
Authentication-Extension.
3.7 FA-to-MN-Key
Description
This AVP contains the Key generated by the home DIAMETER Server
that must be used by the Foreign Agent when computing the Mobile-
Foreign- Authentication-Extension in the Mobile IP Registration
Reply [4].
AVP Format
Calhoun expires January 1999 [Page 16]
INTERNET DRAFT July 1998
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Length | Reserved |U|T|V|E|H|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data ...
+-+-+-+-+-+-+-+-+
AVP Code
326 FA-to-MN-Key
AVP Length
The length of this attribute MUST be at least 9.
AVP Flags
The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
upon the security model used. The 'V', 'T' and the 'U' bits
MUST NOT be set.
Data
The data field contains the encrypted key to be used by the
Foreign Agent when generating the Mobile IP Mobile-Foreign-
Authentication-Extension.
3.8 FA-HA-SPI
Description
The FA-HA-SPI is sent in both the Home-Agent-MIP-Request as well
as the AA-Mobile-Node-Answer messages and contains the SPI value
associated with the key generated by the home DIAMETER Server for
use between the Foreign Agent and the Home Agent (FA-to-HA-Key,
HA-to-FA-Key).
AVP Format
Calhoun expires January 1999 [Page 17]
INTERNET DRAFT July 1998
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Length | Reserved |U|T|V|E|H|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Integer32 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
AVP Code
327 FA-HA-SPI
AVP Length
The length of this attribute MUST be 12.
AVP Flags
The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
upon the security model used. The 'V', 'T' and the 'U' bits
MUST NOT be set.
Integer32
The Integer32 field contains the SPI value associated with the
key shared between the Foreign Agent and the Home Agent.
3.9 FA-to-HA-Key
Description
This AVP contains the Key generated by the home DIAMETER Server
that must be used by the Foreign Agent when computing the
Foreign-Home Authentication-Extension in the Mobile IP
Registration Request [4].
AVP Format
Calhoun expires January 1999 [Page 18]
INTERNET DRAFT July 1998
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Length | Reserved |U|T|V|E|H|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data ...
+-+-+-+-+-+-+-+-+
AVP Code
328 FA-to-HA-Key
AVP Length
The length of this attribute MUST be at least 9.
AVP Flags
The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
upon the security model used. The 'V', 'T' and the 'U' bits
MUST NOT be set.
Data
The data field contains the encrypted key to be used by the
Foreign Agent when generating the Mobile IP Foreign-Home-
Authentication-Extension.
3.10 HA-to-FA-Key
Description
This AVP contains the Key generated by the home DIAMETER Server
that must be used by the Home Agent when computing the Foreign-
Home Authentication-Extension in the Mobile IP Registration Reply
[4].
AVP Format
Calhoun expires January 1999 [Page 19]
INTERNET DRAFT July 1998
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Length | Reserved |U|T|V|E|H|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data ...
+-+-+-+-+-+-+-+-+
AVP Code
329 HA-to-FA-Key
AVP Length
The length of this attribute MUST be at least 9.
AVP Flags
The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
upon the security model used. The 'V', 'T' and the 'U' bits
MUST NOT be set.
Data
The data field contains the encrypted key to be used by the
Home Agent when generating the Mobile IP Foreign-Home-
Authentication-Extension.
3.11 MN-HA-SPI
Description
The MN-HA-SPI is sent in both the Home-Agent-MIP-Request as well
as the AA-Mobile-Node-Answer messages and contains the SPI value
associated with the key generated by the home DIAMETER Server for
use between the Mobile Node and the Home Agent (MN-to-HA-Key, HA-
to-MN-Key).
AVP Format
Calhoun expires January 1999 [Page 20]
INTERNET DRAFT July 1998
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Length | Reserved |U|T|V|E|H|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Integer32 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
AVP Code
330 MN-HA-SPI
AVP Length
The length of this attribute MUST be 12.
AVP Flags
The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
upon the security model used. The 'V', 'T' and the 'U' bits
MUST NOT be set.
Integer32
The Integer32 field contains the SPI value associated with the
Session Key shared between the Mobile Node and the Home Agent.
3.12 MN-to-HA-Key
Description
This AVP contains the Key generated by the home DIAMETER Server
that must be used by the Mobile Node when computing the Mobile-
Home Authentication-Extension in the Mobile IP Registration
Request [4].
AVP Format
Calhoun expires January 1999 [Page 21]
INTERNET DRAFT July 1998
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Length | Reserved |U|T|V|E|H|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data ...
+-+-+-+-+-+-+-+-+
AVP Code
331 MN-to-HA-Key
AVP Length
The length of this attribute MUST be at least 9.
AVP Flags
The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
upon the security model used. The 'V', 'T' and the 'U' bits
MUST NOT be set.
Data
The data field contains the encrypted key to be used by the
Mobile Node when generating the Mobile IP Mobile-Home-
Authentication-Extension.
3.13 HA-to-MN-Key
Description
This AVP contains the Key generated by the home DIAMETER Server
that must be used by the Home Agent when computing the Mobile-Home
Authentication-Extension in the Mobile IP Registration Reply [4].
AVP Format
Calhoun expires January 1999 [Page 22]
INTERNET DRAFT July 1998
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Length | Reserved |U|T|V|E|H|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data ...
+-+-+-+-+-+-+-+-+
AVP Code
332 HA-to-MN-Key
AVP Length
The length of this attribute MUST be at least 9.
AVP Flags
The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
upon the security model used. The 'V', 'T' and the 'U' bits
MUST NOT be set.
Data
The data field contains the encrypted key to be used by the
Home Agent when generating the Mobile IP Mobile-Home-
Authentication-Extension.
3.14 Mobile-Node-Address
Description
When used in the AA-Mobile-Node-Request it contains the Mobile
Node's Home Address. When present in the MIP-Registration-Reply
message it contains the Home Address assigned to the Mobile Node.
The lack of this AVP in the AA-Mobile-Node-Request indicates that
the Mobile Node is requesting that a Home Address be assigned to
it.
AVP Format
Calhoun expires January 1999 [Page 23]
INTERNET DRAFT July 1998
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Length | Reserved |U|T|V|E|H|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
AVP Code
333 Mobile-Node-Address
AVP Length
The length of this attribute MUST be 12.
AVP Flags
The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
upon the security model used. The 'V', 'T' and the 'U' bits
MUST NOT be set.
Address
The Address field contains the IP address assigned to the
Mobile Node.
3.15 Home-Agent-Address
Description
When used in the AA-Mobile-Node-Request it contains the Mobile
Node's requested Home Agent. When present in the MIP-
Registration-Reply message it contains the Home Agent assigned to
the Mobile Node.
The lack of this AVP in the AA-Mobile-Node-Request indicates that
the Mobile Node is requesting that a Home Agent be assigned to it.
AVP Format
Calhoun expires January 1999 [Page 24]
INTERNET DRAFT July 1998
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Length | Reserved |U|T|V|E|H|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
AVP Code
334 Home-Agent-Address
AVP Length
The length of this attribute MUST be 12.
AVP Flags
The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
upon the security model used. The 'V', 'T' and the 'U' bits
MUST NOT be set.
Address
The Address field contains the Home Agent address assigned to
the Mobile Node.
3.16 Session-Timeout
Description
This AVP contains the number of seconds before the session keys
expire.
AVP Format
A summary of the Session-Timeout Attribute format is shown below.
The fields are transmitted from left to right.
Calhoun expires January 1999 [Page 25]
INTERNET DRAFT July 1998
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVP Length | Reserved |U|T|V|E|H|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Integer32 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
27 for Session-Timeout.
AVP Length
The length of this attribute MUST be 12.
AVP Flags
The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
upon the security model used. The 'V', 'T' and the 'U' bits
MUST NOT be set.
Integer32
The Integer32 field is 4 octets, containing a 32-bit unsigned
integer with the number of seconds before the session keys
expire.
A value of zero means that the session keys have no expiration.
4.0 Protocol Definition
This section will outline how the DIAMETER Mobile IP Extension can be
used. The follwing diagram is an example of an inter-domain Mobile IP
network.
Calhoun expires January 1999 [Page 26]
INTERNET DRAFT July 1998
ISP Home Network
+--------+ +--------+
| proxy | AMR/A | AAA |
| AAA |<--------------->| |
| server | server-server | server |
+--------+ communication +--------+
/ /| /|(
/AMR/A | client-server | HAR/A
/ | communication |
|/_ / /
+---------+ +---------+ +---------+
| Foreign | | Foreign | | Home |
| Agent | | Agent | | Agent |
+---------+ +---------+ +---------+
/|(
| Mobile IP
|
/
+--------+
| Mobile |
| Node |
+--------+
The AA-Mobile-Node-Request is generated by the Foreign Agent and
includes the AVPs defined in section 2.1. If the Home Address field
in the Registration Request was set to a value other than zero the
Mobile-Node-Address AVP is added to the DIAMETER request. If the Home
Agent field in the Registration Request was set to a value other than
zero the Home-Agent-Address AVP is added to the DIAMETER request. The
DIAMETER request is then forwarded to the Foreign Agent's local
DIAMETER Server.
When the ISP's DIAMETER Server receives the message it looks at the
User-Name AVP [1] to determine whether authentication and
authorization can be handled locally. The User-Name format is
consistent with the NAI described in [6] and the user's domain is
used to determine the Mobile Node's home DIAMETER Server. In the
example below the request cannot be processed locally, therefore the
request is forwarded to the Mobile Node's home DIAMETER Server.
The following is an example of the first Mobile IP and DIAMETER
exchange which sets up the key. Note that this example is also valid
when the session key expires and a new key needs to be generated.
Calhoun expires January 1999 [Page 27]
INTERNET DRAFT July 1998
Mobile Node Foreign Agent Proxy Server Home Server Home Agent
----------- ------------- ------------ ----------- ----------
<-------Challenge
Reg-Req(Response)->
AMR------------->
AMR------------>
HAR----------->
<----------HAA
<-----------AMA
<------------AMA
<-------Reg-Reply
The home DIAMETER Server must first authenticate the user. This is
done by fist validating the MN-FA-Challenge which contains a
timstamp. The timestamp information is embedded within the challenge
to prevent replay attacks. The server then uses the user's secret or
its public key and performs the hash on the the challenge and ensures
that the result is identical with the value in the MN-FA-Response
AVP. If both values are identical the user is authenticated,
otherwise an error message is returned. See [5] for more information
on the challenge format and how the hash is computed.
If successfully authenticated, the DIAMETER Server checks whether the
Home-Agent-Address AVP was part of the AA-Mobile-Node-Request. If so
the server must validate the address to ensure that it is a known
Home Agent. If no such AVP was present in the request the server can
allocate a known Home Agent for the Mobile Node. This can be done in
a variety of ways including using a load balancing algorithm in order
not to overburden any given Home Agent. Note that the existing Home
Agent Discovery method described in [4] can still be used.
If the request did not contain a Mobile-Node-Address AVP, the
DIAMETER Server has the option to assign an address for the Mobile
Node or leave it up to the Home Agent to assign an address. This is
purely a local policy decision.
The DIAMETER Server then generates three sets of short-lived session
keys. One that will be shared between the Home agent and the Foreign
Agent, one between the Mobile Node and the Foreign Agent and one
between the Mobile Node and the Home Agent.
The keys destined for the Mobile Node are encrypted either using the
Mobile Node's secret or its public key [1]. The keys destined for the
Foreign Agent are encrypted either using the DIAMETER Secret shared
between the Home DIAMETER Server and the ISP's proxy Server, or using
public key cryptography [1]. The keys destined for the Home Agent can
be either encrypted using the DIAMETER Secret, or if IPSEC's ESP is
Calhoun expires January 1999 [Page 28]
INTERNET DRAFT July 1998
in use no DIAMETER encryption is necessary. The Session-Timeout AVP
is included and contains the number of seconds before the session
keys expire.
Note that this extension requires a departure from the existing SPI
usage described in [4]. The DIAMETER Server generates SPI values for
the Mobility Agents as opposed to a receiver choosing its own SPI
value. The SPI values are used as a Key Identifier, meaning that each
shared session key has its own SPI value and since two nodes share a
session key they share an SPI as well.
Take for example a scenario where a Mobile Node and a Foreign Agent
share a key that was created by the DIAMETER Server. The Server also
generated a corresponding SPI value of x. All Mobile-Foreign
Authentication extensions must be computed by either entity using the
shared session key and include the SPI value of x.
The DIAMETER Server then sends a Home-Agent-MIP-Request to the
assigned or requested Home Agent. The request contains the original
MIP-Registration-Request as well as the keys and SPIs destined for
the Home Agent (HA-to-MN-Key, MN-HA-SPI, HA-to-FA-Key and FA-HA-SPI
AVPs) and the Mobile Node (MN-FA-SPI, MN-to-FA-Key, MN-HA-SPI and
MN-to-HA-Key AVP). The Mobile-Node-Address AVP is present if the
Mobile Node specified an address or if the home DIAMETER Server
assigned an address, but not if the Home Agent assigns it.
The Home Agent processes the DIAMETER Home-Agent-MIP-Request as well
as the embedded Mobile IP Registration Request. If both are
successfully processed, the Home Agent creates the Mobile IP
Registration Reply and includes the keying material to be used by the
Mobile Node (MN-FA SPI, MN-to-FA-Key, MN-HA-SPI and MN-to-HA-Key)
which is attached as the MIP-Registration-Reply AVP. If no Mobile-
Node-Address AVP was present in the request the Home Agent must
assign an address for the Mobile Node. The Result-Code AVP is
included and the Home-Agent-MIP-Answer is sent to the home DIAMETER
Server.
The home DIAMETER Server issues a AA-Mobile-Node-Answer to the
Foreign Agent which includes the MIP-Registration-Reply, Result-Code
and the Mobile-Node-Address AVP. The message also includes the keys
and SPI AVPs used by the Foreign Agent (MN-FA-SPI, FA-to-MN-Key, FA-
HA-SPI and the FA-to-HA-Key AVPs). The message is then transmitted to
the ISP's proxy DIAMETER Server.
Upon receipt of the successful AA-Mobile-Node-Answer the proxy server
decrypts the FA-to-MN-Key and the FA-to-HA-Key AVPs. These keys are
then re-encrypted using the DIAMETER secret, or are not encrypted if
IPSEC's ESP is used between the Foreign Agent and the Proxy DIAMETER
Calhoun expires January 1999 [Page 29]
INTERNET DRAFT July 1998
Server. The message is transmitted to the Foreign Agent.
The Foreign Agent, upon receipt of the AA-Mobile-Node-Answer, must
decrypt the appropriate KEY AVPs, process the Mobile IP Registration
Reply which is then forwarded to the Mobile Node.
from this point on, all Registration Request and Replies no longer
traverse through the DIAMETER proxy chain and the Foreign Agent can
contact the Home Agent directly using the keys which were previously
distributed. This can continue until the session keys expire, which
is indicated in the Session-Timeout AVP.
The following is an example of subsequent Mobile IP message exchange.
Mobile Node Foreign Agent Home Agent
----------- ------------- ----------
Reg-Req(MN-FA-Auth, MN-HA-Auth)-------->
Reg-Req(MN-HA-Auth, FA-HA-Auth)-------->
<--------Reg-Rep(MN-HA-Auth, FA-HA-Auth)
<--------Reg-Rep(MN-HA-Auth, MN-FA-Auth)
5.0 References
[1] Calhoun, Rubens, "DIAMETER", Internet-Draft,
draft-calhoun-diameter-04.txt, July 1998.
[2] Calhoun, Zorn, Pan, "DIAMETER Framework", Internet-
Draft, draft-calhoun-diameter-framework-01.txt, August 1998
[3] P. Calhoun, G. Montenegro, C. Perkins, "Tunnel Establishment
Protocol", draft-ietf-mobileip-calhoun-tep-01.txt, March 1998.
[4] C. Perkins, Editor. IP Mobility Support. RFC 2002, October
1996.
[5] C. Perkins, "Router Advertisement Challenge Extension",
draft-ietf-mobileip-?????-00.txt, August 1998.
[6] B. Aboba. "The Network Access Identifier." draft-ietf-roamops-
nai-11.txt, July 1998.
[7] Aboba, Zorn, "Roaming Requirements", draft-ietf-roamops-
roamreq-09.txt, April 1998.
Calhoun expires January 1999 [Page 30]
INTERNET DRAFT July 1998
[8] P. Calhoun, G. Montenegro, C. Perkins, "Tunnel Establishment
Protocol", draft-ietf-mobileip-calhoun-tep-01.txt, March 1998.
6.0 Authors' Addresses
Questions about this memo can be directed to:
Pat R. Calhoun
Technology Development
Sun Microsystems, Inc.
15 Network Circle
Menlo Park, California, 94025
USA
Phone: 1-650-786-7733
Fax: 1-650-786-6445
E-mail: pcalhoun@eng.sun.com
Charles E. Perkins
Technology Development
Sun Microsystems, Inc.
15 Network Circle
Menlo Park, California, 94025
USA
Phone: 1-650-786-6464
Fax: 1-650-786-6445
E-mail: charles.perkins@eng.sun.com
Calhoun expires January 1999 [Page 31]
| PAFTECH AB 2003-2026 | 2026-04-21 20:56:22 |