Authentication, Authorization and Accounting (aaa)

Last Modified: 2006-03-24

Additional information is available at tools.ietf.org/wg/aaa

Chair(s):

  • Bernard Aboba <Bernard_Aboba@hotmail.com>
  • David Mitton <david@mitton.com>
  • John Loughney <john.loughney@nokia.com>

    Operations and Management Area Director(s):

  • Dan Romascanu <dromasca@avaya.com>
  • David Kessens <david.kessens@jabber.org>

    Operations and Management Area Advisor:

  • Dan Romascanu <dromasca@avaya.com>

    Mailing Lists:

    General Discussion: aaa-wg@merit.edu
    To Subscribe: majordomo@merit.edu
    In Body: subscribe aaa-wg
    Archive: http://www.merit.edu/mail.archives/aaa-wg/

    Description of Working Group:

    The Authentication, Authorization and Accounting Working Group
    focused on the development of requirements for Authentication,
    Authorization and Accounting as applied to network access.
    Requirements were gathered from NASREQ, MOBILE IP, and ROAMOPS
    Working Groups as well as TIA 45.6. The AAA WG then solicited
    submission of protocols meeting the requirements, and evaluated
    the submissions.

    This incarnation of the AAA Working Group will focus on development
    of an IETF Standards track protocol, based on the DIAMETER submission.

    In this process, it is to be understood that the IETF does not function
    as a rubber stamp. It is likely that the protocol will be changed
    significantly during the process of development.

    The immediate goals of the AAA working group are to address the
    following issues:

    - Clarity. The protocol documents should clearly describe the contents
      of typical messages and the requirements for interoperability.

    - Error messages. The protocol should define categories of error
      messages, enabling implementations to respond correctly based on the
      category. The set of error messages should cover the full range of
      operational problems.

    - Accounting. The accounting operational model should be described for
      each type of network access.

    - IPv6. The protocol must include attributes in support of IPv6
      network access and must be transportable over IPv6.

    - Transport. The protocol should be transport independent and must
      define at least one mandatory-to-implement transport mapping. Other
      transport mappings may also be defined. All transport mappings must
      effectively support congestion control.

    - Explicit proxy support. The protocol should offer explicit support
      for proxies, including support for automated message routing, route
      recording, and (where necessary) path hiding.

    - RADIUS compatibility. The protocol should provide improved RADIUS
      backward compatibility in the case where only RADIUS attributes are
      used or where RADIUS proxies or servers exist in the path.

    - Security. The protocol should define a lightweight data object
      security model that is implementable on NASes.

    - Data model. The proposal should offer logical separation between the
      protocol and the data model and should support rich data types.

    - MIBs. A MIB must be defined, supporting both IPv4 and IPv6 operation.

    Goals and Milestones:

    Done  Submission of requirements document as an Informational RFC.
    Done  Submission of evaluation document as an Informational RFC.
    Done  Submission of design team recommendations on protocol improvements.
    Done  Incorporation of design team recommendations into protocol submission.
    Done  Submission of AAA Transport as a Proposed Standard RFC
    Done  Submission of Diameter Base as a Proposed Standard RFC
    Done  Submission of Diameter NASREQ as a Proposed Standard RFC
    Done  Submission of Diameter EAP as a Proposed Standard RFC
    Done  Submission of Diameter Credit Control as a Proposed Standard RFC
    Done  Submission of Diameter SIP application as a Proposed Standard RFC

    No Current Internet-Drafts

    Request For Comments:

    Accounting Attributes and Record Formats (RFC 2924) (75561 bytes)
    Introduction to Accounting Management (RFC 2975) (129771 bytes)
    Criteria for Evaluating AAA Protocols for Network Access (RFC 2989) (53197 bytes)
    Authentication, Authorization, and Accounting: Protocol Evaluation (RFC 3127) (170579 bytes)
    Authentication, Authorization and Accounting (AAA) Transport Profile (RFC 3539) (93110 bytes)
    Diameter Base Protocol (RFC 3588) (341261 bytes)
    Diameter Mobile IPv4 Application (RFC 4004) (128210 bytes)
    Diameter Network Access Server Application (RFC 4005) (198871 bytes)
    Diameter Credit-Control Application (RFC 4006) (288794 bytes)
    Diameter Extensible Authentication Protocol (EAP) Application (RFC 4072) (79965 bytes)
    Diameter Session Initiation Protocol (SIP) Application (RFC 4740) (174175 bytes)
