One document matched: draft-ietf-pana-statemachine-12.xml
<?xml version='1.0'?> <?xml-stylesheet type='text/xsl' href='http://xml.resource.org/authoring/rfc2629.xslt' ?>
<!DOCTYPE rfc
SYSTEM 'rfc2629.dtd' [ <!ENTITY rfc2629 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2629.xml'>
<!ENTITY ikev2 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-ipsec-ikev2.xml'>
<!ENTITY rfc5191 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.5191.xml'>
<!ENTITY rfc4016 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.4016.xml'>
<!ENTITY rfc4058 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.4058.xml'>
<!ENTITY peap PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml3/reference.I-D.josefsson-pppext-eap-tls-eap.xml'>
<!ENTITY eap-ttls PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-pppext-eap-ttls.xml'>
<!ENTITY eap-ikev2 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml3/reference.I-D.tschofenig-eap-ikev2.xml'>
<!ENTITY rfc2284bis PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-eap-rfc2284bis.xml'>
<!ENTITY binding-problem PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml3/reference.I-D.puthenkulam-eap-binding.xml'>
<!ENTITY eap-gss PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml3/reference.I-D.aboba-pppext-eapgss.xml'>
<!ENTITY ike-dpd PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-ipsec-dpd.xml'>
<!ENTITY pana-ipsec PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-pana-ipsec.xml'>
<!ENTITY pana-dhcp PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml3/reference.I-D.tschofenig-pana-bootstrap-rfc3118.xml'>
<!ENTITY pana-framework PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-pana-framework.xml'>
<!ENTITY pana-cxtp PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-pana-cxtp.xml'>
<!ENTITY pana-snmp PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-pana-snmp.xml'>
<!ENTITY rfc4072 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.4072.xml'>
<!ENTITY rfc4137 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.4137.xml'>
<!ENTITY rfc1982 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.1982.xml'>
<!ENTITY rfc2119 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2119.xml'>
<!ENTITY rfc2131 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2131.xml'>
<!ENTITY rfc2284 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2284.xml'>
<!ENTITY rfc2988 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2988.xml'>
<!ENTITY rfc2716 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2716.xml'>
<!ENTITY rfc2409 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2409.xml'>
<!ENTITY rfc2234 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2234.xml'>
<!ENTITY rfc3588 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.3588.xml'>
<!ENTITY rfc2522 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2522.xml'>
<!ENTITY rfc2478 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2478.xml'>
<!ENTITY rfc3329 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.3748.xml'>
<!ENTITY rfc3329 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.3329.xml'>
<!ENTITY rfc3315 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.3315.xml'>
<!ENTITY rfc2462 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2462.xml'>
<!ENTITY rfc2464 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2464.xml'>
<!ENTITY rfc4058 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.4058.xml'>
<!ENTITY rfc3456 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.3456.xml'> ]
>
<?rfc toc="yes"?>
<?rfc symrefs="yes"?>
<rfc category='info' ipr='trust200811' docName='draft-ietf-pana-statemachine-12'>
<front>
<title abbrev="PANA State Machines">
State Machines for Protocol for Carrying Authentication for Network Access (PANA)
</title>
<author role="editor" initials="V." surname="Fajardo"
fullname="Victor Fajardo">
<organization abbrev="TARI">
Toshiba America Research, Inc.
</organization>
<address>
<postal>
<street>1 Telcordia Drive</street>
<city>Piscataway</city>
<region>NJ</region>
<code>08854</code>
<country>USA</country>
</postal>
<phone>+1 732 699 5368</phone>
<email>vfajardo@tari.toshiba.com</email>
</address>
</author>
<author initials="Y." surname="Ohba"
fullname="Yoshihiro Ohba">
<organization abbrev="TARI">
Toshiba America Research, Inc.
</organization>
<address>
<postal>
<street>1 Telcordia Drive</street>
<city>Piscataway</city>
<region>NJ</region>
<code>08854</code>
<country>USA</country>
</postal>
<phone>+1 732 699 5305</phone>
<email>yohba@tari.toshiba.com</email>
</address>
</author>
<author initials="R." surname="Lopez"
fullname="Rafa Marin Lopez">
<organization abbrev="Univ. of Murcia">
University of Murcia
</organization>
<address>
<postal>
<street>30071 Murcia</street>
<region></region>
<country>Spain</country>
</postal>
<email>rafa@dif.um.es</email>
</address>
</author>
<date year="2009"/>
<workgroup>PANA Working Group </workgroup>
<abstract>
<t>
This document defines the conceptual state machines for the
Protocol for Carrying Authentication for Network Access
(PANA). The state machines consist of the PANA Client (PaC)
state machine and the PANA Authentication Agent (PAA) state
machine. The two state machines show how PANA can interface
with the EAP state machines. The state machines and associated
model are informative only. Implementations may achieve the
same results using different methods.
</t>
</abstract>
</front>
<middle>
<section title='Introduction'>
<t>
This document defines the state machines for Protocol Carrying
Authentication for Network Access (PANA) <xref
target='RFC5191'/>. There are state machines for
the PANA client (PaC) and for the PANA Authentication Agent
(PAA). Each state machine is specified through a set of
variables, procedures and a state transition table. The state
machines and associated models described in this document are
informative only. Implementations may achieve similar results
using different models and/or methods.
</t>
<t>
A PANA protocol execution consists of several exchanges to
carry authentication information. Specifically, EAP PDUs are
transported inside PANA PDUs between PaC and PAA, that is PANA
represents a lower layer for EAP protocol. Thus, a PANA state
machine bases its execution on an EAP state machine execution
and vice versa. Thus this document also shows for each of PaC
and PAA an interface between an EAP state machine and a PANA
state machine and how this interface allows to exchange
information between them. Thanks to this interface, a PANA
state machine can be informed about several events generated
in an EAP state machine and make its execution conditional to
its events.
</t>
<t>
The details of EAP state machines are out of the scope of this
document. Additional information can be found in
<xref target='RFC4137'/>. Nevertheless PANA
state machines presented here have been coordinated with state
machines shown by <xref target='RFC4137'/>.
</t>
<t>
This document, apart from defining PaC and PAA state machines
and their interfaces to EAP state machines (running on top of
PANA), provides some implementation considerations, taking
into account that it is not a specification but an
implementation guideline.
</t>
</section>
<section title="Terminology">
<t> This document reuses the terminology used in <xref target="RFC5191"/>.
</t>
</section>
<section title='Interface Between PANA and EAP'>
<t>
PANA carries EAP messages exchanged between an EAP peer and an
EAP authenticator (see <xref target='figure-pana-model'/>).
Thus a PANA state machine interacts with an EAP state
machine.
</t>
<t>
Two state machines are defined in this document : the PaC
state machine (see <xref target='section-pac-statemachine'/>)
and the PAA state machine (see <xref
target='section-paa-statemachine'/>). The definition of each
state machine consists of a set of variables, procedures and a
state transition table. A subset of these variables and
procedures defines the interface between a PANA state machine
and an EAP state machine and the state transition table
defines the PANA state machine behavior based on results
obtained through them.
</t>
<t>
On the one hand, the PaC state machine interacts with an EAP
peer state machine in order to carry out the PANA protocol on
the PaC side. On the other hand, the PAA state machine
interacts with an EAP authenticator state machine to run the
PANA protocol on the PAA side.
</t>
<figure anchor='figure-pana-model' title='Interface between PANA and EAP'>
<artwork>
Peer |EAP Auth
EAP <---------|------------> EAP
^ | | ^ |
| | | EAP-Message | | EAP-Message
EAP-Message | |EAP-Message | | |
| v |PANA | v
PaC <---------|------------> PAA
</artwork>
</figure>
<t>
Thus two interfaces are needed between PANA state machines and
EAP state machines, namely:
<list style='symbols'>
<t>
Interface between the PaC state machine and the EAP peer
state machine
</t>
<t>
Interface between the PAA state machine and the EAP
authenticator state machine
</t>
</list>
</t>
<t>
In general, the PaC and PAA state machines present EAP messages to
the EAP peer and authenticator state machines through the
interface, respectively. The EAP peer and authenticator state
machines process these messages and sends EAP messages through
the PaC and PAA state machines that is responsible for actually
transmitting this message, respectively.
</t>
<t>
For example, <xref target='RFC4137'/>
specifies four interfaces to lower layers: (i) an interface
between the EAP peer state machine and a lower layer, (ii) an
interface between the EAP standalone authenticator state
machine and a lower layer, (iii) an interface between the EAP
full authenticator state machine and a lower layer and (iv) an
interface between the EAP backend authenticator state machine
and a lower layer. In this document, the PANA protocol is the
lower layer of EAP and only the first three interfaces are of
interest to PANA. The second and third interfaces are the
same. In this regard, the EAP standalone authenticator or the
EAP full authenticator and its state machine in <xref
target='RFC4137'/> are referred to as the
EAP authenticator and the EAP authenticator state machine,
respectively, in this document. If an EAP peer and an EAP
authenticator follow the state machines defined in <xref
target='RFC4137'/>, the interfaces between
PANA and EAP could be based on that document. Detailed
definition of interfaces between PANA and EAP are described in
the subsequent sections.
</t>
</section>
<section title='Document Authority'>
<t>
This document is intended to comply with the technical
contents of any of the related documents (<xref target=
'RFC5191'/> and <xref target='RFC4137'/>). When there is
a discrepancy, the related documents are considered
authoritative and they take precedence over this document.
</t>
</section>
<section title='Notations'>
<t>
The following state transition tables are completed mostly
based on the conventions specified in <xref
target='RFC4137'/>. The complete text is
described below.
</t>
<t>
State transition tables are used to represent the operation of
the protocol by a number of cooperating state machines each
comprising a group of connected, mutually exclusive states.
Only one state of each machine can be active at any given
time.
</t>
<t>
All permissible transitions from a given state to other states
and associated actions performed when the transitions occur
are represented by using triplets of (exit condition, exit
action, exit state). All conditions are expressions that
evaluate to TRUE or FALSE; if a condition evaluates to TRUE,
then the condition is met. A state "ANY" is a wildcard state
that matches any state in each state machine except those
explicity enumerated as exception states. The exit conditions
of a wildcard state are evaluated after all other exit conditions
of specific to the current state are met.
</t>
<t>
On exit from a state, the exit actions defined for the state
and the exit condition are executed exactly once, in the order
that they appear. (Note that the procedures
defined in <xref target='RFC4137'/> are
executed on entry to a state, which is one major difference
from this document.) Each exit action is deemed to be atomic;
i.e., execution of an exit action completes before the next
sequential exit action starts to execute. No exit action execute
outside of a state block. The exit actions in only one state
block execute at a time even if the conditions for execution
of state blocks in different state machines are satisfied.
All exit actions in an executing state block complete execution
before the transition to and execution of any other state
blocks. The execution of any state block appears to be atomic
with respect to the execution of any other state block and
the transition condition to that state from the previous state
is TRUE when execution commences. The order of execution of
state blocks in different state machines is undefined except
as constrained by their transition conditions. A variable that
is set to a particular value in a state block retains this
value until a subsequent state block executes an exit action
that modifies the value.
</t>
<t>
On completion of the transition from the previous state to the
current state, all exit conditions occurring during the current
state (including exit conditions defined for the wildcard state)
are evaluated until an exit condition for that state is met.
</t>
<t>
Any event variable is set to TRUE when the corresponding event
occurs and set to FALSE immediately after completion of the
action associated with the current state and the event.
</t>
<t>
The interpretation of the special symbols and operators used
is defined in <xref target='RFC4137'/>.
</t>
</section>
<section title='Common Rules'>
<t>
There are following procedures, variables, message
initializing rules and state transitions that are common to
both the PaC and PAA state machines.
</t>
<t>
Throughout this document, the character string
"PANA_MESSAGE_NAME" matches any one of the abbreviated PANA
message names, i.e., "PCI", "PAR", "PAN", "PTR", "PTA", "PNR",
"PNA".
</t>
<section title='Common Procedures'>
<t>
<list style='hanging'>
<t hangText='void None()'>
<vspace blankLines="1" />
A null procedure, i.e., nothing is done.
</t>
<t hangText='void Disconnect()'>
<vspace blankLines="1" />
A procedure to delete the PANA session as well as the
corresponding EAP session and authorization state.
</t>
<t hangText='boolean Authorize()'>
<vspace blankLines="1" />
A procedure to create or modify authorization state. It
returns TRUE if authorization is successful. Otherwise,
it returns FALSE. It is assumed that Authorize()
procedure of PaC state machine always returns TRUE. In
the case that a non-key-generating EAP method is used
but a PANA SA is required after successful authentication
(generate_pana_sa() returns TRUE), Authorize() procedure
must return FALSE.
</t>
<t hangText='void Tx:PANA_MESSAGE_NAME[flag](AVPs)'>
<vspace blankLines="1" />
A procedure to send a PANA message to its peering PANA entity.
The "flag" argument contains one or more flag (e.g., Tx:PAR[C]) to be set
to the message, except for 'R' (Request) flag. The "AVPs"
contains a list of names of optional AVPs to be inserted in the
message, except for AUTH AVP.
<vspace blankLines="1" />
This procedure includes the following action before actual
transmission:
<vspace blankLines="1" />
<artwork>
if (flag==S)
PANA_MESSAGE_NAME.S_flag=Set;
if (flag==C)
PANA_MESSAGE_NAME.C_flag=Set;
if (flag==A)
PANA_MESSAGE_NAME.A_flag=Set;
if (flag==P)
PANA_MESSAGE_NAME.P_flag=Set;
PANA_MESSAGE_NAME.insert_avp(AVPs);
if (key_available())
PANA_MESSAGE_NANE.insert_avp("AUTH");
</artwork>
</t>
<t hangText='void TxEAP()'>
<vspace blankLines="1" />
A procedure to send an EAP message to the EAP state
machine it interfaces to.
</t>
<t hangText='void RtxTimerStart()'>
<vspace blankLines="1" />
A procedure to start the retransmission timer, reset
RTX_COUNTER variable to zero and set an appropriate
value to RTX_MAX_NUM variable. Note that RTX_MAX_NUM
is assumed to be set to the same default value for all
messages. However, implementations may also reset
RTX_MAX_NUM in this procedure and its value may vary
depending on the message that was sent.
</t>
<t hangText='void RtxTimerStop()'>
<vspace blankLines="1" />
A procedure to stop the retransmission timer.
</t>
<t hangText='void SessionTimerReStart(TIMEOUT)'>
<vspace blankLines="1" />
A procedure to (re)start PANA session timer. TIMEOUT specifies
the expiration time associated of the session timer.
Expiration of TIMEOUT will trigger a SESS_TIMEOUT event.
</t>
<t hangText='void SessionTimerStop()'>
<vspace blankLines="1" />
A procedure to stop the current PANA session timer.
</t>
<t hangText='void Retransmit()'>
<vspace blankLines="1" />
A procedure to retransmit a PANA message and increment
RTX_COUNTER by one(1).
</t>
<t hangText='void EAP_Restart()'>
<vspace blankLines="1" />
A procedure to (re)start an EAP conversation resulting
in the re-initialization of an existing EAP session.
</t>
<t hangText='void PANA_MESSAGE_NAME.insert_avp("AVP_NAME1", "AVP_NAME2",...)'>
<vspace blankLines="1" />
A procedure to insert AVPs for each specified AVP name in the
list of AVP names in the PANA message. When an AVP name ends
with "*", zero, one or more AVPs are inserted, otherwise one
AVP is inserted.
</t>
<t hangText='boolean PANA_MESSAGE_NAME.exist_avp("AVP_NAME")'>
<vspace blankLines="1" />
A procedure that checks whether an AVP of the specified
AVP name exists in the specified PANA message and
returns TRUE if the specified AVP is found, otherwise
returns FALSE.
</t>
<t hangText='boolean generate_pana_sa()'>
<vspace blankLines="1" />
A procedure to check whether the EAP method being used
generates keys and that a PANA SA will be established on
successful authentication. For the PaC, the procedure
is also used to check and match the PRF and Integrity
algorithm AVPs advertised by the PAA in PAR[S] message.
For the PAA, it is used to indicate whether a PRF and Integrity
algorithm AVPs will be sent in the PAR[S]. This procedure will
return true if a PANA SA will be generated. Otherwise, it
returns FALSE.
</t>
<t hangText='boolean key_available()'>
<vspace blankLines="1" />
A procedure to check whether the PANA session has a
PANA_AUTH_KEY. If the state machine already has a
PANA_AUTH_KEY, it returns TRUE. If the state machine
does not have a PANA_AUTH_KEY, it tries to retrieve an
MSK from the EAP entity. If an MSK is retrieved,
it computes a PANA_AUTH_KEY from the MSK and returns
TRUE. Otherwise, it returns FALSE.
</t>
</list>
</t>
</section>
<section title='Common Variables'>
<t>
<list style='hanging'>
<t hangText='PAR.RESULT_CODE'>
<vspace blankLines="1" />
This variable contains the Result-Code AVP value in the
PANA-Auth-Request message in process. When this variable
carries PANA_SUCCESS it is assumed that the PAR message
always contains an EAP-Payload AVP which carries an EAP-Success
message.
</t>
<t hangText='NONCE_SENT'>
<vspace blankLines="1" />
This variable is set to TRUE to indicate that a Nonce-AVP has already
been sent. Otherwise it is set to FALSE.
</t>
<t hangText='RTX_COUNTER'>
<vspace blankLines="1" />
This variable contains the current number of
retransmissions of the outstanding PANA message.
</t>
<t hangText='Rx:PANA_MESSAGE_NAME[flag]'>
<vspace blankLines="1" />
This event variable is set to TRUE when the specified PANA
message is received from its peering PANA entity. The "flag"
contains a flag (e.g., Rx:PAR[C]), except for 'R' (Request)
flag.
</t>
<t hangText='RTX_TIMEOUT'>
<vspace blankLines="1" />
This event variable is set to TRUE when the
retransmission timer is expired.
</t>
<t hangText='REAUTH'>
<vspace blankLines="1" />
This event variable is set to TRUE when an initiation of
re-authentication phase is triggered. This event variable can
only be set while in the OPEN state.
</t>
<t hangText='TERMINATE'>
<vspace blankLines="1" />
This event variable is set to TRUE when initiation of
PANA session termination is triggered. This event variable can
only be set while in the OPEN state.
</t>
<t hangText='PANA_PING'>
<vspace blankLines="1" />
This event variable is set to TRUE when initiation of
liveness test based on PANA-Notification exchange is
triggered. This event variable can only be set while in the
OPEN state.
</t>
<t hangText='SESS_TIMEOUT'>
<vspace blankLines="1" />
This event is variable is set to TRUE when the session
timer has expired.
</t>
<t hangText='LIFETIME_SESS_TIMEOUT'>
<vspace blankLines="1" />
Configurable value used by the PaC and PAA to close or
disconnect an established session in the access
phase. This variable indicates the expiration of
the session and is set to the value of
Session-Lifetime AVP if present in the last
PANA-Auth-Request message in the case of the PaC.
Otherwise, it is assumed that the value is infinite
and therefore has no expiration. Expiration of
LIFETIME_SESS_TIMEOUT will cause the event variable
SESS_TIMEOUT to be set.
</t>
<t hangText='ANY'>
<vspace blankLines="1" />
This event variable is set to TRUE when any event occurs.
</t>
</list>
</t>
</section>
<section title='Configurable Values'>
<t>
<list style='hanging'>
<t hangText='RTX_MAX_NUM'>
<vspace blankLines="1" />
Configurable maximum for how many retransmissions should
be attempted before aborting.
</t>
</list>
</t>
</section>
<section title='Common Message Initialization Rules'>
<t>
When a message is prepared for sending, it is initialized as follows:
<list style='symbols'>
<t>
For a request message, R-flag of the header is set.
Otherwise, R-flag is not set.
</t>
<t>
Other message header flags are not set. They are set
explicitly by specific state machine actions.
</t>
<t>
AVPs that are mandatory included in a message are inserted
with appropriate values set.
</t>
</list>
</t>
</section>
<section title='Common Retransmition Rules'>
<t>
The state machines defined in this document assumes
that the PaC and the PAA caches the last transmitted answer
message. This scheme is described in Sec 5.2 of
<xref target='RFC5191'/>. When the PaC or PAA receives
a re-transmitted or duplicate request, it would be able to re-send
the corresponding answer without any aid from the EAP layer.
However, to simplify the state machine description, this caching
scheme is omitted in the state machines below. In the case that
there is not corresponding answer to a re-transmitted request,
the request will be handled by the corresponding statemachine.
</t>
</section>
<section title='Common State Transitions'>
<t>
The following transitions can occur at any state with exemptions
explicitly noted.
<artwork>
----------
State: ANY
----------
Exit Condition Exit Action Exit State
------------------------+--------------------------+------------
- - - - - - - - - - - - - (Re-transmissions)- - - - - - - - - -
RTX_TIMEOUT && Retransmit(); (no change)
RTX_COUNTER<
RTX_MAX_NUM
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - (Reach maximum number of transmissions)- - - - - -
(RTX_TIMEOUT && Disconnect(); CLOSED
RTX_COUNTER>=
RTX_MAX_NUM) ||
SESS_TIMEOUT
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-------------------------
State: ANY except INITIAL
-------------------------
Exit Condition Exit Action Exit State
------------------------+--------------------------+------------
- - - - - - - - - - (liveness test initiated by peer)- - - - - -
Rx:PNR[P] Tx:PNA[P](); (no change)
-------------------------------
State: ANY except WAIT_PNA_PING
-------------------------------
Exit Condition Exit Action Exit State
------------------------+--------------------------+------------
- - - - - - - - - - - - (liveness test response) - - - - - - - -
Rx:PNA[P] None(); (no change)
</artwork>
</t>
<t>
The following transitions can occur on any exit condition
within the specified state.
<artwork>
-------------
State: CLOSED
-------------
Exit Condition Exit Action Exit State
------------------------+--------------------------+------------
- - - - - - - -(Catch all event on closed state) - - - - - - - -
ANY None(); CLOSED
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
</artwork>
</t>
</section>
</section>
<section anchor='section-pac-statemachine' title='PaC State Machine'>
<section title='Interface between PaC and EAP Peer'>
<t>
This interface defines the interactions between a PaC and an
EAP peer. The interface serves as a mechanism to deliver
EAP messages for the EAP peer. It allows the EAP peer to
receive EAP requests and send EAP responses via the PaC. It
also provides a mechanism to notify the EAP peer of PaC
events and a mechanism to receive notification of EAP peer
events. The EAP message delivery mechanism as well as the
event notification mechanism in this interface have direct
correlation with the PaC state transition table entries.
These message delivery and event notifications mechanisms
occur only within the context of their associated states or
exit actions.
</t>
<section title='Delivering EAP Messages from PaC to EAP Peer'>
<t>
TxEAP() procedure in the PaC state machine serves as the mechanism
to deliver EAP messages contained in PANA-Auth-Request messages to
the EAP peer. This procedure is enabled only after an
EAP restart event is notified to the EAP peer and before
any event resulting in a termination of the EAP peer session.
In the case where the EAP peer follows the EAP peer state
machine defined in <xref target='RFC4137'/>,
TxEAP() procedure sets eapReq variable of the EAP peer
state machine and puts the EAP request in eapReqData
variable of the EAP peer state machine.
</t>
</section>
<section title='Delivering EAP Messages from EAP Peer to PaC'>
<t>
An EAP message is delivered from the EAP peer to the PaC
via EAP_RESPONSE event variable. The event variable is
set when the EAP peer passes the EAP message to its
lower-layer. In the case where the EAP peer follows the
EAP peer state machine defined in <xref
target='RFC4137'/>, EAP_RESPONSE event
variable refers to eapResp variable of the EAP peer state
machine and the EAP message is contained in eapRespData
variable of the EAP peer state machine.
</t>
</section>
<section title='EAP Restart Notification from PaC to EAP Peer'>
<t>
The EAP peer state machine defined in <xref
target='RFC4137'/> has an initialization
procedure before receiving an EAP message. To initialize
the EAP state machine, the PaC state machine defines an
event notification mechanism to send an EAP (re)start
event to the EAP peer. The event notification is done via
EAP_Restart() procedure in the initialization action of
the PaC state machine.
</t>
</section>
<section title='EAP Authentication Result Notification from EAP Peer to PaC'>
<t>
In order for the EAP peer to notify the PaC of an EAP
authentication result, EAP_SUCCESS and EAP_FAILURE event
variables are defined. In the case where the EAP peer
follows the EAP peer state machine defined in <xref
target='RFC4137'/>, EAP_SUCCESS and
EAP_FAILURE event variables refer to eapSuccess and
eapFail variables of the EAP peer state machine,
respectively. In this case, if EAP_SUCCESS event variable
is set to TRUE and an MSK is generated by the EAP
authentication method in use, eapKeyAvailable variable is
set to TRUE and eapKeyData variable contains the MSK.
Note that EAP_SUCCESS and EAP_FAILURE event variables may
be set to TRUE even before the PaC receives a PAR with a
'Complete' flag set from the PAA.
</t>
</section>
<section title='Alternate Failure Notification from PaC to EAP Peer'>
<t>
alt_reject() procedure in the PaC state machine serves as
the mechanism to deliver an authentication failure event
to the EAP peer without accompanying an EAP message. In
the case where the EAP peer follows the EAP peer state
machine defined in <xref
target='RFC4137'/>, alt_reject()
procedure sets altReject variable of the EAP peer state
machine. Note that the EAP peer state machine in <xref
target='RFC4137'/> also defines
altAccept variable, however, it is never used in PANA in
which EAP-Success messages are reliably delivered by
the last PANA-Auth exchange.
</t>
</section>
</section>
<section title='Configurable Values'>
<t>
<list style='hanging'>
<t hangText='FAILED_SESS_TIMEOUT'>
<vspace blankLines="1" />
Configurable value that allows the PaC to determine
whether a PaC authentication and authorization phase
has stalled without an explicit EAP success or
failure notification.
</t>
</list>
</t>
</section>
<section title='Variables'>
<t>
<list style='hanging'>
<t hangText='AUTH_USER'>
<vspace blankLines="1" />
This event variable is set to TRUE when initiation of
EAP-based (re-)authentication is triggered by the
application.
</t>
<t hangText='EAP_SUCCESS'>
<vspace blankLines="1" />
This event variable is set to TRUE when the EAP peer
determines that EAP conversation completes with success.
</t>
<t hangText='EAP_FAILURE'>
<vspace blankLines="1" />
This event variable is set to TRUE when the EAP peer
determines that EAP conversation completes with failure.
</t>
<t hangText='EAP_RESPONSE'>
<vspace blankLines="1" />
This event variable is set to TRUE when the EAP peer delivers an
EAP message to the PaC. This event accompanies an EAP message
received from the EAP peer.
</t>
<t hangText='EAP_RESP_TIMEOUT'>
<vspace blankLines="1" />
This event variable is set to TRUE when the PaC that has passed
an EAP message to the EAP-layer does not receive a subsequent
EAP message from the the EAP-layer in a given period. This
provides a time limit for certain EAP methods where user
interaction maybe required.
</t>
<t hangText='EAP_DISCARD'>
<vspace blankLines="1" />
This event variable is set to TRUE when the EAP peer indicates
that it has silently discarded the last received EAP-Request.
This event does not accompany any EAP message. In the case where
the EAP peer follows the EAP peer state machine defined in <xref
target='RFC4137'/>, this event variable refers to eapNoResp.
</t>
</list>
</t>
</section>
<section title='Procedures'>
<t>
<list style='hanging'>
<t hangText='boolean eap_piggyback()'>
<vspace blankLines="1" />
This procedures returns TRUE to indicate whether the
next EAP response will be carried in the pending
PAN message for optimization.
</t>
<t hangText='void alt_reject()'>
<vspace blankLines="1" />
This procedure informs the EAP peer of an authentication
failure event without accompanying an EAP message.
</t>
<t hangText='void EAP_RespTimerStart()'>
<vspace blankLines="1" />
A procedure to start a timer to receive an EAP-Response
from the EAP peer.
</t>
<t hangText='void EAP_RespTimerStop()'>
<vspace blankLines="1" />
A procedure to stop a timer to receive an EAP-Response
from the EAP peer.
</t>
</list>
</t>
</section>
<section title='PaC State Transition Table'>
<t>
<artwork>
------------------------------
State: INITIAL (Initial State)
------------------------------
Initialization Action:
NONCE_SENT=Unset;
RTX_COUNTER=0;
RtxTimerStop();
Exit Condition Exit Action Exit State
------------------------+--------------------------+-----------
- - - - - - - - - - (PaC-initiated Handshake) - - - - - - - - -
AUTH_USER Tx:PCI[](); INITIAL
RtxTimerStart();
SessionTimerReStart
(FAILED_SESS_TIMEOUT);
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - -(PAA-initiated Handshake, not optimized) - - - - -
Rx:PAR[S] && EAP_Restart(); WAIT_PAA
!PAR.exist_avp SessionTimerReStart
("EAP-Payload") (FAILED_SESS_TIMEOUT);
if (generate_pana_sa())
Tx:PAN[S]("PRF-Algorithm",
"Integrity-Algorithm");
else
Tx:PAN[S]();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - -(PAA-initiated Handshake, optimized) - - - - - -
Rx:PAR[S] && EAP_Restart(); INITIAL
PAR.exist_avp TxEAP();
("EAP-Payload") && SessionTimerReStart
eap_piggyback() (FAILED_SESS_TIMEOUT);
Rx:PAR[S] && EAP_Restart(); WAIT_EAP_MSG
PAR.exist_avp TxEAP();
("EAP-Payload") && SessionTimerReStart
!eap_piggyback() (FAILED_SESS_TIMEOUT);
if (generate_pana_sa())
Tx:PAN[S]("PRF-Algorithm",
"Integrity-Algorithm");
else
Tx:PAN[S]();
EAP_RESPONSE if (generate_pana_sa()) WAIT_PAA
Tx:PAN[S]("EAP-Payload",
"PRF-Algorithm",
"Integrity-Algorithm");
else
Tx:PAN[S]("EAP-Payload");
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
---------------
State: WAIT_PAA
---------------
Exit Condition Exit Action Exit State
------------------------+--------------------------+------------
- - - - - - - - - - - - - - -(PAR-PAN exchange) - - - - - - - -
Rx:PAR[] && RtxTimerStop(); WAIT_EAP_MSG
!eap_piggyback() TxEAP();
EAP_RespTimerStart();
if (NONCE_SENT==Unset) {
NONCE_SENT=Set;
Tx:PAN[]("Nonce");
}
else
Tx:PAN[]();
Rx:PAR[] && RtxTimerStop(); WAIT_EAP_MSG
eap_piggyback() TxEAP();
EAP_RespTimerStart();
Rx:PAN[] RtxTimerStop(); WAIT_PAA
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - -(PANA result) - - - - - - - - - -
Rx:PAR[C] && TxEAP(); WAIT_EAP_RESULT
PAR.RESULT_CODE==
PANA_SUCCESS
Rx:PAR[C] && if (PAR.exist_avp WAIT_EAP_RESULT_
PAR.RESULT_CODE!= ("EAP-Payload")) CLOSE
PANA_SUCCESS TxEAP();
else
alt_reject();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-------------------
State: WAIT_EAP_MSG
-------------------
Exit Condition Exit Action Exit State
------------------------+--------------------------+------------
- - - - - - - - - - (Return PAN/PAR from EAP) - - - - - - - - -
EAP_RESPONSE && EAP_RespTimerStop() WAIT_PAA
eap_piggyback() if (NONCE_SENT==Unset) {
Tx:PAN[]("EAP-Payload",
"Nonce");
NONCE_SENT=Set;
}
else
Tx:PAN[]("EAP-Payload");
EAP_RESPONSE && EAP_RespTimerStop() WAIT_PAA
!eap_piggyback() Tx:PAR[]("EAP-Payload");
RtxTimerStart();
EAP_RESP_TIMEOUT && Tx:PAN[](); WAIT_PAA
eap_piggyback()
EAP_DISCARD && Tx:PAN[](); CLOSED
eap_piggyback() SessionTimerStop();
Disconnect();
EAP_FAILURE || SessionTimerStop(); CLOSED
(EAP_DISCARD && Disconnect();
!eap_piggyback())
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
----------------------
State: WAIT_EAP_RESULT
----------------------
Exit Condition Exit Action Exit State
------------------------+--------------------------+------------
- - - - - - - - - - - - - (EAP Result) - - - - - - - - - - - - -
EAP_SUCCESS if (PAR.exist_avp OPEN
("Key-Id"))
Tx:PAN[C]("Key-Id");
else
Tx:PAN[C]();
Authorize();
SessionTimerReStart
(LIFETIME_SESS_TIMEOUT);
EAP_FAILURE Tx:PAN[C](); CLOSED
SessionTimerStop();
Disconnect();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
----------------------------
State: WAIT_EAP_RESULT_CLOSE
----------------------------
Exit Condition Exit Action Exit State
------------------------+--------------------------+------------
- - - - - - - - - - - - - (EAP Result) - - - - - - - - - - - - -
EAP_SUCCESS || if (EAP_SUCCESS && CLOSED
EAP_FAILURE PAR.exist_avp("Key-Id"))
Tx:PAN[C]("Key-Id");
else
Tx:PAN[C]();
SessionTimerStop();
Disconnect();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-----------
State: OPEN
-----------
Exit Condition Exit Action Exit State
------------------------+--------------------------+------------
- - - - - - - - - - (liveness test initiated by PaC)- - - - - -
PANA_PING Tx:PNR[P](); WAIT_PNA_PING
RtxTimerStart();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - (re-authentication initiated by PaC)- - - - - -
REAUTH NONCE_SENT=Unset; WAIT_PNA_REAUTH
Tx:PNR[A]();
RtxTimerStart();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - (re-authentication initiated by PAA)- - - - - -
Rx:PAR[] EAP_RespTimerStart(); WAIT_EAP_MSG
TxEAP();
if (!eap_piggyback())
Tx:PAN[]("Nonce");
else
NONCE_SENT=Unset;
SessionTimerReStart
(FAILED_SESS_TIMEOUT);
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - -(Session termination initiated by PAA) - - - - - -
Rx:PTR[] Tx:PTA[](); CLOSED
SessionTimerStop();
Disconnect();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - -(Session termination initiated by PaC) - - - - - -
TERMINATE Tx:PTR[](); SESS_TERM
RtxTimerStart();
SessionTimerStop();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
----------------------
State: WAIT_PNA_REAUTH
----------------------
Exit Condition Exit Action Exit State
------------------------+--------------------------+------------
- - - - - - - - -(re-authentication initiated by PaC) - - - - -
Rx:PNA[A] RtxTimerStop(); WAIT_PAA
SessionTimerReStart
(FAILED_SESS_TIMEOUT);
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - -(Session termination initiated by PAA) - - - - - -
Rx:PTR[] RtxTimerStop(); CLOSED
Tx:PTA[]();
SessionTimerStop();
Disconnect();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--------------------
State: WAIT_PNA_PING
--------------------
Exit Condition Exit Action Exit State
------------------------+--------------------------+------------
- - - - - - - - -(liveness test initiated by PaC) - - - - - - -
Rx:PNA[P] RtxTimerStop(); OPEN
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - (re-authentication initiated by PAA)- - - - -
Rx:PAR[] RtxTimerStop(); WAIT_EAP_MSG
EAP_RespTimerStart();
TxEAP();
if (!eap_piggyback())
Tx:PAN[]("Nonce");
else
NONCE_SENT=Unset;
SessionTimerReStart
(FAILED_SESS_TIMEOUT);
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - -(Session termination initiated by PAA) - - - - - -
Rx:PTR[] RtxTimerStop(); CLOSED
Tx:PTA[]();
SessionTimerStop();
Disconnect();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
----------------
State: SESS_TERM
----------------
Exit Condition Exit Action Exit State
------------------------+--------------------------+------------
- - - - - - - -(Session termination initiated by PaC) - - - - -
Rx:PTA[] Disconnect(); CLOSED
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
</artwork>
</t>
</section>
</section>
<section anchor='section-paa-statemachine' title='PAA State Machine'>
<section title='Interface between PAA and EAP Authenticator'>
<t>
The interface between a PAA and an EAP authenticator
provides a mechanism to deliver EAP messages for the EAP
authenticator as well as a mechanism to notify the EAP
authenticator of PAA events and to receive notification of
EAP authenticator events. These message delivery and event
notification mechanisms occur only within context of their
associated states or exit actions.
</t>
<section title='EAP Restart Notification from PAA to EAP Authenticator'>
<t>
An EAP authenticator state machine defined in <xref
target='RFC4137'/> has an initialization
procedure before sending the first EAP request. To
initialize the EAP state machine, the PAA state machine
defines an event notification mechanism to send an EAP
(re)start event to the EAP authenticator. The event notification
is done via EAP_Restart() procedure in the initialization
action of the PAA state machine.
</t>
</section>
<section title='Delivering EAP Responses from PAA to EAP Authenticator'>
<t>
TxEAP() procedure in the PAA state machine serves as the
mechanism to deliver EAP-Responses contained in
PANA-Auth-Answer messages to the EAP authenticator. This
procedure is enabled only after an EAP restart event is
notified to the EAP authenticator and before any event
resulting in a termination of the EAP authenticator session.
In the case where the EAP authenticator follows the EAP
authenticator state machines defined in <xref
target='RFC4137'/>, TxEAP() procedure
sets eapResp variable of the EAP authenticator state
machine and puts the EAP response in eapRespData variable
of the EAP authenticator state machine.
</t>
</section>
<section title='Delivering EAP Messages from EAP Authenticator to PAA'>
<t>
An EAP request is delivered from the EAP authenticator to
the PAA via EAP_REQUEST event variable. The event
variable is set when the EAP authenticator passes the EAP
request to its lower-layer. In the case where the EAP
authenticator follows the EAP authenticator state machines
defined in <xref target='RFC4137'/>,
EAP_REQUEST event variable refers to eapReq variable of
the EAP authenticator state machine and the EAP request is
contained in eapReqData variable of the EAP authenticator
state machine.
</t>
</section>
<section title='EAP Authentication Result Notification from EAP Authenticator to PAA'>
<t>
In order for the EAP authenticator to notify the PAA of
the EAP authentication result, EAP_SUCCESS, EAP_FAILURE
and EAP_TIMEOUT event variables are defined. In the case
where the EAP authenticator follows the EAP authenticator
state machines defined in <xref
target='RFC4137'/>, EAP_SUCCESS, EAP_FAILURE
and EAP_TIMEOUT event variables refer to
eapSuccess, eapFail and eapTimeout variables of the EAP
authenticator state machine, respectively. In this case,
if EAP_SUCCESS event variable is set to TRUE, an
EAP-Success message is contained in eapReqData variable of
the EAP authenticator state machine, and additionally,
eapKeyAvailable variable is set to TRUE and eapKeyData
variable contains an MSK if the MSK is generated as
a result of successful authentication by the EAP
authentication method in use. Similarly, if EAP_FAILURE
event variable is set to TRUE, an EAP-Failure message is
contained in eapReqData variable of the EAP authenticator
state machine. The PAA uses EAP_SUCCESS and EAP_FAILURE
event variables as a trigger to send a PAR message to the PaC.
</t>
</section>
</section>
<section title='Variables'>
<list style='hanging'>
<t hangText='OPTIMIZED_INIT'>
<vspace blankLines="1" />
This variable indicates whether the PAA is able to
piggyback an EAP-Request in the initial PANA-Auth-Request.
Otherwise it is set to FALSE.
</t>
<t hangText='PAC_FOUND'>
<vspace blankLines="1" />
This variable is set to TRUE as a result of a PAA
initiated handshake.
</t>
<t hangText='REAUTH_TIMEOUT'>
<vspace blankLines="1" />
This event variable is set to TRUE to indicate that
the PAA initiates a re-authentication with the
PaC. The re-authentication timeout should be set to
a value less than the session timeout carried in
the Session-Lifetime AVP if present.
</t>
<t hangText='EAP_SUCCESS'>
<vspace blankLines="1" />
This event variable is set to TRUE when EAP conversation
completes with success. This event accompanies an EAP-
Success message passed from the EAP authenticator.
</t>
<t hangText='EAP_FAILURE'>
<vspace blankLines="1" />
This event variable is set to TRUE when EAP conversation
completes with failure. This event accompanies an EAP-
Failure message passed from the EAP authenticator.
</t>
<t hangText='EAP_REQUEST'>
<vspace blankLines="1" />
This event variable is set to TRUE when the EAP
authenticator delivers an EAP Request to the PAA. This
event accompanies an EAP-Request message received from
the EAP authenticator.
</t>
<t hangText='EAP_TIMEOUT'>
<vspace blankLines="1" />
This event variable is set to TRUE when EAP conversation
times out without generating an EAP-Success or an
EAP-Failure message. This event does not accompany any
EAP message.
</t>
<t hangText='EAP_DISCARD'>
<vspace blankLines="1" />
This event variable is set to TRUE when EAP authenticator
indicates that it has silently discarded the last received
EAP-Response message. This event does not accompany any
EAP message. In the case where the EAP authenticator follows
the EAP authenticator state machines defined in <xref
target='RFC4137'/>, this event variable refers to
eapNoReq.
</t>
</list>
</section>
<section title='Procedures'>
<list style='hanging'>
<t hangText='boolean new_key_available()'>
<vspace blankLines="1" />
A procedure to check whether the PANA session has a new
PANA_AUTH_KEY. If the state machine already have a
PANA_AUTH_KEY, it returns FALSE. If the state machine
does not have a PANA_AUTH_KEY, it tries to retrieve an
MSK from the EAP entity. If an MSK has been
retrieved, it computes a PANA_AUTH_KEY from the MSK
and returns TRUE. Otherwise, it returns FALSE.
</t>
</list>
</section>
<section title='PAA State Transition Table'>
<artwork>
------------------------------
State: INITIAL (Initial State)
------------------------------
Initialization Action:
OPTIMIZED_INIT=Set|Unset;
NONCE_SENT=Unset;
RTX_COUNTER=0;
RtxTimerStop();
Exit Condition Exit Action Exit State
------------------------+--------------------------+------------
- - - - - - - - (PCI and PAA initiated PANA) - - - - - - - - -
(Rx:PCI[] || if (OPTIMIZED_INIT == INITIAL
PAC_FOUND) Set) {
EAP_Restart();
SessionTimerReStart
(FAILED_SESS_TIMEOUT);
}
else {
if (generate_pana_sa())
Tx:PAR[S]("PRF-Algorithm",
"Integrity-Algorithm");
else
Tx:PAR[S]();
}
EAP_REQUEST if (generate_pana_sa()) INITIAL
Tx:PAR[S]("EAP-Payload",
"PRF-Algorithm",
"Integrity-Algorithm");
else
Tx:PAR[S]("EAP-Payload");
RtxTimerStart();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - (PAN Handling) - - - - - - - - - -
Rx:PAN[S] && if (PAN.exist_avp WAIT_EAP_MSG
((OPTIMIZED_INIT == ("EAP-Payload"))
Unset) || TxEAP();
PAN.exist_avp else {
("EAP-Payload")) EAP_Restart();
SessionTimerReStart
(FAILED_SESS_TIMEOUT);
}
Rx:PAN[S] && None(); WAIT_PAN_OR_PAR
(OPTIMIZED_INIT ==
Set) &&
! PAN.exist_avp
("EAP-Payload")
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-------------------
State: WAIT_EAP_MSG
-------------------
Exit Condition Exit Action Exit State
------------------------+--------------------------+------------
- - - - - - - - - - - -(Receiving EAP-Request)- - - - - - - - -
EAP_REQUEST if (NONCE_SENT==Unset) { WAIT_PAN_OR_PAR
Tx:PAR[]("Nonce",
"EAP-Payload");
NONCE_SENT=Set;
}
else
Tx:PAR[]("EAP-Payload");
RtxTimerStart();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - -(Receiving EAP-Success/Failure) - - - - -
EAP_FAILURE PAR.RESULT_CODE = WAIT_FAIL_PAN
PANA_AUTHENTICATION_
REJECTED;
Tx:PAR[C]("EAP-Payload");
RtxTimerStart();
SessionTimerStop();
EAP_SUCCESS && PAR.RESULT_CODE = WAIT_SUCC_PAN
Authorize() PANA_SUCCESS;
if (new_key_available())
Tx:PAR[C]("EAP-Payload",
"Key-Id");
else
Tx:PAR[C]("EAP-Payload");
RtxTimerStart();
EAP_SUCCESS && PAR.RESULT_CODE = WAIT_FAIL_PAN
!Authorize() PANA_AUTHORIZATION_
REJECTED;
if (new_key_available())
Tx:PAR[C]("EAP-Payload",
"Key-Id");
else
Tx:PAR[C]("EAP-Payload");
RtxTimerStart();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - (Receiving EAP-Timeout or invalid message) - - - - -
EAP_TIMEOUT || SessionTimerStop(); CLOSED
EAP_DISCARD Disconnect();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--------------------
State: WAIT_SUCC_PAN
--------------------
Event/Condition Action Exit State
------------------------+--------------------------+------------
- - - - - - - - - - - - - (PAN Processing)- - - - - - - - - - -
Rx:PAN[C] RtxTimerStop(); OPEN
SessionTimerReStart
(LIFETIME_SESS_TIMEOUT);
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--------------------
State: WAIT_FAIL_PAN
--------------------
Exit Condition Exit Action Exit State
------------------------+--------------------------+------------
- - - - - - - - - - - - - - (PAN Processing)- - - - - - - - - -
Rx:PAN[C] RtxTimerStop(); CLOSED
Disconnect();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-----------
State: OPEN
-----------
Event/Condition Action Exit State
------------------------+--------------------------+------------
- - - - - - - - (re-authentication initiated by PaC) - - - - - -
Rx:PNR[A] NONCE_SENT=Unset; WAIT_EAP_MSG
EAP_Restart();
Tx:PNA[A]();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - (re-authentication initiated by PAA)- - - - - -
REAUTH || NONCE_SENT=Unset; WAIT_EAP_MSG
REAUTH_TIMEOUT EAP_Restart();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - (liveness test based on PNR-PNA exchange initiated by PAA)-
PANA_PING Tx:PNR[P](); WAIT_PNA_PING
RtxTimerStart();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - (Session termination initated from PAA) - - - -
TERMINATE Tx:PTR[](); SESS_TERM
SessionTimerStop();
RtxTimerStart();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - (Session termination initated from PaC) - - - -
Rx:PTR[] Tx:PTA[](); CLOSED
SessionTimerStop();
Disconnect();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--------------------
State: WAIT_PNA_PING
--------------------
Exit Condition Exit Action Exit State
------------------------+--------------------------+------------
- - - - - - - - - - - - - -(PNA processing) - - - - - - - - - -
Rx:PNA[P] RtxTimerStop(); OPEN
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - (re-authentication initiated by PaC) - - - - - -
Rx:PNR[A] RtxTimerStop(); WAIT_EAP_MSG
NONCE_SENT=Unset;
EAP_Restart();
Tx:PNA[A]();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - (Session termination initated from PaC) - - - -
Rx:PTR[] RtxTimerStop(); CLOSED
Tx:PTA[]();
SessionTimerStop();
Disconnect();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
----------------------
State: WAIT_PAN_OR_PAR
----------------------
Exit Condition Exit Action Exit State
------------------------+--------------------------+------------
- - - - - - - - - - - - - (PAR Processing)- - - - - - - - - - -
Rx:PAR[] TxEAP(); WAIT_EAP_MSG
RtxTimerStop();
Tx:PAN[]();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - (Pass EAP Response to the EAP authenticator)- - - -
Rx:PAN[] && TxEAP(); WAIT_EAP_MSG
PAN.exist_avp RtxTimerStop();
("EAP-Payload")
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - (PAN without an EAP response) - - - - - - -
Rx:PAN[] && RtxTimerStop(); WAIT_PAN_OR_PAR
!PAN.exist_avp
("EAP-Payload")
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - -(EAP retransmission) - - - - - - - - - -
EAP_REQUEST RtxTimerStop(); WAIT_PAN_OR_PAR
Tx:PAR[]("EAP-Payload");
RtxTimerStart();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - (EAP authentication timeout or failure)- - - - -
EAP_FAILURE || RtxTimerStop(); CLOSED
EAP_TIMEOUT || SessionTimerStop();
EAP_DISCARD Disconnect();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
----------------
State: SESS_TERM
----------------
Exit Condition Exit Action Exit State
------------------------+--------------------------+------------
- - - - - - - - - - - - - -(PTA processing) - - - - - - - - - -
Rx:PTA[] RtxTimerStop(); CLOSED
Disconnect();
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
</artwork>
</section>
</section>
<section title='Implementation Considerations'>
<section title='PAA and PaC Interface to Service Management Entity'>
<t>
In general, it is assumed each device or network equipment
has a PANA protocol stack available for use by other modules
within the device or network equipment. One such module is the
Service Management Entity (SME). The SME is a generic term for
modules that manages different services (including network protocols)
that installed on a device or equipment. To integrate PANA protocol
with the SME, it is recommended that a generic interface (i.e.,
the SME-PANA interface) between the SME and the PANA protocol stack
be provided by the implementation. This interface should include
common procedures such as startup, shutdown and re-authenticate
signals. It should also provision for extracting keying material.
For the PAA, the SME-PANA interface should also provide a method
for communicating filtering parameters to the EP(s) when
cryptographic filtering is used. The filtering parameters include
keying material used for bootstrapping secured transport such
as IPsec. When a PAA device interacts with the backend authentication
server using a AAA protocol, its SME may also provide an interface to the
AAA protocol to obtain authorization parameters such as the authorization
lifetime and additional filtering parameters.
</t>
</section>
</section>
<section title='Security Considerations'>
<t>
This document's intent is to describe the PANA state machines
fully. To this end, any security concerns with this document
are likely a reflection of security concerns with PANA itself.
</t>
</section>
<section title='IANA Considerations'>
<t>
This document has no actions for IANA.
</t>
</section>
<section title='Acknowledgments'>
<t>
This work was started from state machines originally made by
Dan Forsberg.
</t>
</section>
</middle>
<back>
<references title='Normative References'>
&rfc5191;
</references>
<references title='Informative References'>
&rfc4137;
</references>
</back>
</rfc>
| PAFTECH AB 2003-2026 | 2026-04-23 03:11:42 |