One document matched: draft-korhonen-dime-mip6-feature-bits-00.txt
Diameter Maintenance and J. Korhonen
Extensions (DIME) TeliaSonera
Internet-Draft October 27, 2008
Intended status: Informational
Expires: April 30, 2009
Diameter MIP6 Feature Vector Additional Bit Allocations
draft-korhonen-dime-mip6-feature-bits-00.txt
Status of this Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on April 30, 2009.
Copyright Notice
Copyright (C) The IETF Trust (2008).
Abstract
During the Mobile IPv6 Split Scenario bootstrapping the Mobile IPv6
Home Agent and the Authentication, Authorization, and Accounting
server may exchange a set of capabilities as defined in. This
document defines additional capability flag bits that are used to
authorize per Mobile Node route optimization, Multiple Care-of
Address and user plane traffic encryption support. Furthermore, this
document also defines a capability flag bit of indicating whether the
Korhonen Expires April 30, 2009 [Page 1]
Internet-Draft Diameter MIP6 Feature Vector Bits October 2008
Home Agent is authorized to act as a stand alone Virtual Private
Network gateway.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Flag definitions for the MIP6-Feature-Vector AVP . . . . . . . 3
3.1. Route Optimization Support . . . . . . . . . . . . . . . . 3
3.2. Multiple Care-of Addresses Support . . . . . . . . . . . . 4
3.3. User Traffic Encryption Support . . . . . . . . . . . . . . 4
3.4. VPN Gateway Mode Support . . . . . . . . . . . . . . . . . 4
4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 5
4.1. Capability Flag Bits . . . . . . . . . . . . . . . . . . . 5
4.2. Mobile IPv6 Status Codes . . . . . . . . . . . . . . . . . 5
5. Security Considerations . . . . . . . . . . . . . . . . . . . . 5
6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 5
6.1. Normative References . . . . . . . . . . . . . . . . . . . 5
6.2. Informative References . . . . . . . . . . . . . . . . . . 6
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 6
Intellectual Property and Copyright Statements . . . . . . . . . . 7
Korhonen Expires April 30, 2009 [Page 2]
Internet-Draft Diameter MIP6 Feature Vector Bits October 2008
1. Introduction
During the Mobile IPv6 [3] Split Scenario bootstrapping [4] the
Mobile IPv6 Home Agent (HA) and the Authentication, Authorization,
and Accounting (AAA) server MAY exchange a set of capabilities as
defined in [5]. This document defines additional capability flag
bits that are used to authorize per Mobile Node (MN) route
optimization, Multiple Care-of Address (MCoA) [6] and user plane
traffic encryption support. Furthermore, this document also defines
a capability flag bit of indicating whether the HA is authorized to
act as a stand alone IPsec Virtual Private Network (VPN) gateway for
remote VPN clients.
These new capability flag bits allow Mobility Service Provider (MSP)
to control the supported services on the HA. Additionally, the HA
SHOULD inform the MN whether the route optimization, the use of MCoA
or the user plane encryption is allowed. This allows the MN to learn
the MSP service policies in a clean way.
2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [1].
3. Flag definitions for the MIP6-Feature-Vector AVP
The MIP6-Feature-Vector AVP is defined in [2]. This document defines
new additional capability bits for signaling the support of Mobile
IPv6 route optimization and the support of Multiple Care-of
Addresses. These new capability bits are intended to be used between
the HA and the AAA server during the Mobile IPv6 Split Scenario
bootstrapping Diameter interactions [5]. However, the defined flag
bits MAY also be used in other scenarios and deployments outside the
Mobile IPv6 Split Scenario. In addition to the capability flag bits
this document also defines corresponding Mobile IPv6 Binding
Acknowledgement Status Codes.
3.1. Route Optimization Support
Route optimization support is indicated by using the RO_SUPPORTED
(value 0x0000000200000000) capability flag bit. When the HA sets
this bit, it indicates support for the route optimization. If this
bit is unset in the returned MIP6-Feature-Vector AVP, the AAA server
does not authorize route optimization for the MN.
Korhonen Expires April 30, 2009 [Page 3]
Internet-Draft Diameter MIP6 Feature Vector Bits October 2008
In a case the HA or the AAA server cannot authorize the use of route
optimization then the HA SHOULD send a Binding Acknowledgement with a
Status Code set to ACCEPTED_BUT_NO_ROUTE_OPTIMIZATION (status code
TBD). This Status Code indicates that the binding registration
succeeded but the HA will fail all possible subsequent route
optimization attempts because of subscription or operator policy.
3.2. Multiple Care-of Addresses Support
Multiple Care-of Addresses (MCoA) [6] support is indicated by using
the MCOA_SUPPORTED (value 0x0000001000000000) capability flag bit.
When the HA sets this bit, it indicates support for the MCoA. If
this bit is unset in the returned MIP6-Feature-Vector AVP, the AAA
server does not authorize the use of MCoA for the MN.
In a case the HA or the AAA server cannot authorize the use of the
MCoA then the HA SHOULD send a Binding Acknowledgement with a Status
Code set to ACCEPTED_BUT_NO_MCOA (status code TBD). This Status Code
indicates that the binding registration succeeded but the HA will
fail all possible subsequent attempts to use MCoA because of
subscription or operator policy.
3.3. User Traffic Encryption Support
User plane traffic encryption support is indicated by using the
USER_TRAFFIC_ENCRYPTION (value 0x0000000400000000) capability flag
bit. When the HA sets this bit, it indicates support for the user
plane traffic encryption between the MN and the HA. If this bit is
unset in the returned MIP6-Feature-Vector AVP, the AAA server does
not authorize user plane traffic encryption because of subscription
or operator policy.
In the case the AAA server cannot authorize the use of user plane
traffic encryption then the HA SHOULD send a Binding Acknowledgement
with a Status Code set to ACCEPTED_BUT_NO_TRAFFIC_ENCRYPTION (status
code TBD). This Status Code indicates that the binding registration
succeeded but the HA will silently discard all encrypted user plane
packets sent by the MN to the HA.
3.4. VPN Gateway Mode Support
The HA MAY act as a IPsec VPN gateway for the user and the support is
indicated by the VPN_GW_MODE (value 0x0000000800000000) capability
flag bit. When the HA sets this bit, it indicates support for acting
as a standalone IPsec VPN gateway. If this bit is unset in the
returned MIP6-Feature-Vector AVP, the AAA server does not authorize
the HA to act as a standalone IPsec VPN gateway for the MN because of
subscription or operator policy.
Korhonen Expires April 30, 2009 [Page 4]
Internet-Draft Diameter MIP6 Feature Vector Bits October 2008
4. IANA Considerations
This section contains the namespaces that have either been created in
this specification or had their values assigned to existing
namespaces managed by IANA.
4.1. Capability Flag Bits
This specification defines new values to the "Mobility Capability"
registry (see [2]) for use with the MIP6-Feature-Vector AVP:
Token | Value | Description
---------------------------------+----------------------+------------
RO_SUPPORTED | 0x0000000200000000 | RFC TBD
USER_TRAFFIC_ENCRYPTION | 0x0000000400000000 | RFC TBD
VPN_GW_MODE | 0x0000000800000000 | RFC TBD
MCOA_SUPPORTED | 0x0000001000000000 | RFC TBD
4.2. Mobile IPv6 Status Codes
This specification defines new Mobile IPv6 [3] Status Code values.
The Status Code must be allocated from the range 0-127:
Status Code | Value | Description
----------------------------------------+---------------+------------
ACCEPTED_BUT_NO_ROUTE_OPTIMIZATION | is set to TBD | RFC TBD
ACCEPTED_BUT_NO_MCOA | is set to TBD | RFC TBD
ACCEPTED_BUT_NO_TRAFFIC_ENCRYPTION | is set to TBD | RFC TBD
5. Security Considerations
This document has no additional security consideration to those
already described for the Mobile IPv6 Integrated Scenario Diameter
interactions [2] and Mobile IPv6 Split Scenario Diameter interactions
[5].
6. References
6.1. Normative References
[1] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997.
[2] Korhonen, J., Bournelle, J., Tschofenig, H., Perkins, C., and K.
Chowdhury, "Diameter Mobile IPv6: Support for Network Access
Server to Diameter Server Interaction",
Korhonen Expires April 30, 2009 [Page 5]
Internet-Draft Diameter MIP6 Feature Vector Bits October 2008
draft-ietf-dime-mip6-integrated-10 (work in progress),
September 2008.
6.2. Informative References
[3] Johnson, D., Perkins, C., and J. Arkko, "Mobility Support in
IPv6", RFC 3775, June 2004.
[4] Giaretta, G., Kempf, J., and V. Devarapalli, "Mobile IPv6
Bootstrapping in Split Scenario", RFC 5026, October 2007.
[5] Korhonen, J., Tschofenig, H., Bournelle, J., Giaretta, G., and
M. Nakhjiri, "Diameter Mobile IPv6: Support for Home Agent to
Diameter Server Interaction", draft-ietf-dime-mip6-split-12
(work in progress), September 2008.
[6] Wakikawa, R., Devarapalli, V., Ernst, T., and K. Nagami,
"Multiple Care-of Addresses Registration",
draft-ietf-monami6-multiplecoa-09 (work in progress),
August 2008.
Author's Address
Jouni Korhonen
TeliaSonera
Email: jouni.nospam@gmail.com
Korhonen Expires April 30, 2009 [Page 6]
Internet-Draft Diameter MIP6 Feature Vector Bits October 2008
Full Copyright Statement
Copyright (C) The IETF Trust (2008).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
Acknowledgment
Funding for the RFC Editor function is provided by the IETF
Administrative Support Activity (IASA).
Korhonen Expires April 30, 2009 [Page 7]
| PAFTECH AB 2003-2026 | 2026-04-24 07:36:26 |