AAA Working Group Qing Liu INTERNET-DRAFT Yanqun Le Nokia Expires: August 2003 February 2003 Diameter User Session Mobility Application Status of this memo This document is an Internet-Draft and is subject to all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/1id-abstracts.html The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html Abstract A mobile node will change its access router frequently during a Diameter session and the relevant AAA parameters may also be transferred between the access routers. However, the home AAA server does not know the movement of the mobile node before the mobile node re-authenticates, and a request from the home AAA server will always be forwarded to the former realm. Therefore, an efficient way is needed to forward the request to the new access router. Table of Contents 1. Introduction....................................................2 1.1 Requirements language.........................................2 1.2 Terminology...................................................3 2. Description of the Protocol......................................4 2.1 General Requirements..........................................4 2.2 Session Mobility Scenarios....................................4 2.2.1 Session update scenarios..................................4 2.2.2 Diameter message redirection scenario.....................9 2.2.3 Race scenario............................................10 2.3 Diameter Nodes Operations....................................10 Liu, Le, Forsberg Expires: August 2003 [Page 1] INTERNET-DRAFTdraft-liu-aaa-diameter-session-mobility-00.txtFebruary 2003 2.3.1 AR Operation.............................................10 2.3.2 AAAL Operation...........................................10 2.3.3 AAAL operation in the race scenario......................11 2.4 Advertising Application support..............................12 3. Command-Code Values.............................................12 3.1 Session-Update-Request.......................................12 3.2 Session-Update-Answer........................................13 4. Result-Code AVP Values..........................................14 5. Mandatory AVPs..................................................14 5.1 Anchor-AAA-Server AVP........................................14 5.2 Serving-AAA-Server AVP.......................................14 5.3 Session-Update-Vector AVP....................................14 5.4 Session-Info AVP.............................................14 6. AVP Table.......................................................15 7. IANA Considerations.............................................15 8. Security Considerations.........................................15 9. References......................................................15 10. Acknowledgements...............................................15 11. Author's Addresses.............................................15 12. Intellectual Property Rights...................................16 13. Full Copyright Statement.......................................16 14. Expiration Date................................................16 1. Introduction When a mobile node (MN) wants to use resource, its access router (AR) will initiate an authentication and/or authorization request and set up a Diameter session between the AR and the home AAA server (AAAH) which will last until session timeout or being stopped by termination request from the access router. When a MN moves during a session and also the relevant AAA parameters are transferred between these ARs [3], the Diameter session SHOULD be updated, because the AAAH does not know the movement of the MN before the MN re- authenticates and a request from the AAAH (e.g. Abort-Session- Request or Re-Auth-Request, etc.) will always be forwarded to the former realm where the initial auth request is originated. This Diameter application introduces an anchor AAAL, which will redirect the request from the home domain to the new AR. Two new messages (Session-Update-Request and Session-Update-Answer) are defined for the new AR to update the session information maintained in the anchor AAAL or the old AAAL. In the meantime, the other relevant user AAA information will be transferred to the new AAAL. 1.1 Requirements language In this document, the key words "MAY", "MUST", "MUST NOT", "optional", "recommended", "SHOULD", and "SHOULD NOT", are to be interpreted as described in [2]. Liu, Le, Forsberg Expires: August 2003 [Page 2] INTERNET-DRAFTdraft-liu-aaa-diameter-session-mobility-00.txtFebruary 2003 1.2 Terminology This section presents a few terms used throughout the document. oAR old AR, the old access router, having provided access to the mobile node previously. nAR new AR, the new access router, providing access to the mobile node currently. aAAAL anchor AAAL, the local AAA server, where the mobile node has initially established its Diameter session with its home AAA server before the its handover, and which may re-direct the received AAA messages from the home domain to the new access router. oAAAL old AAAL, the local AAA server, having provided AAA service to the mobile node previously. nAAAL new AAAL, the local AAA server, providing AAA service to the mobile node currently. downstream node The next hop AAA node which the related AAA message aims to. session route The logical route between AR and the MN's home domain AAA server, including all the peer connections within all the related diameter nodes. +------+ | AAAH | +------+ | ... | +------+ +------+ +------+ | aAAAL|-----| oAAAL|-----| nAAAL| +------+ +------+ +------+ | | | +------+ +------+ +------+ | AR | | oAR | | nAR | +------+ +------+ +------+ ^ | v movement +------+ --------> | MN | +------+ Figure 1: MN handover Liu, Le, Forsberg Expires: August 2003 [Page 3] INTERNET-DRAFTdraft-liu-aaa-diameter-session-mobility-00.txtFebruary 2003 2. Description of the Protocol 2.1 General Requirements Here are several requirements: 1. Each AR knows its local AAA server by some means. 2. The values of oAAAL and aAAAL should be available for the nAAAL after handover. 3. The request from the AAAH SHOULD always go through the aAAAL. 4. An AAAL should maintain the downstream node for an active session, for example, [Session Id, downstream node, Session timeout]. Any other user AAA information maintained in AAAL can be transferred to the nAAAL. 2.2 Session Mobility Scenarios Diameter user session need to updated when MN changes its access router, and those diameter messages heading for MN's current access router need to be redirected. Therefore, three scenarios are proposed. 2.2.1 Session update scenarios When the MN changed its access router from oAR to nAR, the session route should be updated immediately after handover. If the MN changes its AR between two AAALs, upon the arrival of MN's AAA parameters, the nAR will send Session-Update-Request (SUR) message through the nAAAL, optionally the oAAAL, to the aAAAL, so that the downstream node information maintained in the aAAAL can be updated from the oAAAL to the nAAAL. In the meantime, the other relevant user AAA information MAY be transferred to the nAAAL by Session-Update-Answer message. If the MN changes its AR inside one AAAL, the new AR just sends Session-Update-Request message to the current AAAL, informing it to update the downstream node information from the oAR to the nAR. There are several scenarios where handover between two ARs may happen: 1) Inside one AAAL, whether it is aAAAL or not +------+ | AAAH | +------+ | SessionId: foo Liu, Le, Forsberg Expires: August 2003 [Page 4] INTERNET-DRAFTdraft-liu-aaa-diameter-session-mobility-00.txtFebruary 2003 ... Downstream node: nAR | ... +------+ +------+ | aAAAL|-----------| nAAAL| +------+ +------+ | / \ +------+ +------+ +------+ | AR | | oAR | | nAR | +------+ +------+ +------+ ^ | v movement +------+ --------> | MN | +------+ Figure 2: Session Update inside one AAAL - oAR will release session information after successful handover; - nAR will send Session-Update-Request (SUR) to the AAAL to update the downstream node to nAR. 2) From aAAAL (or oAAAL) to nAAAL +------+ aAAAL | AAAH | SessionId: foo +------+ Downstream node:nAAAL | ... nAAAL | SessionId: foo +------+ +------+ +------+Downstream node: nAR | aAAAL|-----| oAAAL|-----| nAAAL| ... +------+ +------+ +------+ | | | +------+ +------+ +------+ | AR | | oAR | | nAR | +------+ +------+ +------+ ^ | v movement +------+ --------> | MN | +------+ Figure 3: Session Update between two AAALs - oAR will release session information after successful handover; Liu, Le, Forsberg Expires: August 2003 [Page 5] INTERNET-DRAFTdraft-liu-aaa-diameter-session-mobility-00.txtFebruary 2003 - nAR will send SUR with Destination-Host AVP set to oAAAL, Anchor- AAA-Server AVP set to aAAAL and Serving-AAA-Server AVP set to nAAAL. The request of the command is used to update the downstream node in aAAAL and its answer is to transfer the user AAA information from aAAAL or oAAAL to the nAAAL. - When SUR passes through nAAAL, the nAAAL will update its downstream node to the host in Origin-Host AVP, besides forwarding the message; - When oAAAL receives SUR, it compares local host with the value of Anchor-AAA-Server AVP. If they are different, the oAAAL should replace the Destination-Host AVP value with that of Anchor-AAA- Server AVP and send the request out; - When aAAAL receives SUR, it should update the downstream node to the value of Serving-AAA-Server AVP and send back Session-Update- Answer message. In addition, if there is user AAA information maintained in the aAAAL, this information is encoded into a Session- Info AVP included as part of the SUA message. Once the AAA information is transferred, AAA server doesnĘt need to maintain it any longer; - If, otherwise, the user AAA information is maintained in oAAAL, the information will be inserted into SUA message as a Session-Info AVP when the message is forwarded from oAAAL to nAAAL; - In the path of the SUA, if some AAAL detects that its local host name equals to the value of Serving-AAA-Server AVP in the message (i.e. it is nAAAL), it will extract the Session-Info AVP and save the user AAA information locally. 3) From oAAAL to aAAAL, i.e. MN returns to the original sub-domain +------+ | AAAH | +------+ aAAAL | SessionId: foo ... Downstream node: nAR | ... +------+ +------+ | aAAAL|-----------| oAAAL| +------+ +------+ | | +------+ +------+ | AR | | oAR | +------+ +------+ ^ | v Liu, Le, Forsberg Expires: August 2003 [Page 6] INTERNET-DRAFTdraft-liu-aaa-diameter-session-mobility-00.txtFebruary 2003 +------+ movement | MN | <-------- +------+ Figure 4: MN returns to original sub-domain - oAR will release session information after successful handover; - nAR will send SUR with Destination-Host set to oAAAL, Anchor-AAA- Server set to aAAAL and Serving-AAA-Server set to nAAAL; - When SUR passes through nAAAL, the nAAAL will update its downstream node to the Origin-Host besides forwarding the message. If it discovers it is aAAAL, it must add Session-Update-Vector with Passed-Anchor-AAAL flag set to one before forwarding, in order to inform oAAAL that the message has passed aAAAL; - On receipt of SUR, since Passed-Anchor-AAAL flag is one in the message, oAAAL encodes the maintained user AAA into a Session-Info AVP included as part of the Session-Update-Answer message to be sent back; - In the path of the SUA, if some AAAL detects that its local host name equals to the value of Serving-AAA-Server AVP in the message (i.e. it is nAAAL), it will extract the Session-Info AVP and save the user AAA information locally. 4) From oAAAL to nAAAL, also aAAAL is in the middle of them. But AR doesnĘt know the route to oAAAL passes aAAAL, so Destination-Host of SUR still points to oAAAL +------+ aAAAL | AAAH | SessionId: foo +------+ Downstream node:nAAAL | ... nAAAL | SessionId: foo +------+ +------+ +------+Downstream node: nAR | oAAAL|-----| aAAAL|-----| nAAAL| ... +------+ +------+ +------+ | | | +------+ +------+ +------+ | oAR | | AR | | nAR | +------+ +------+ +------+ ^ | v movement +------+ ---------------> | MN | +------+ Liu, Le, Forsberg Expires: August 2003 [Page 7] INTERNET-DRAFTdraft-liu-aaa-diameter-session-mobility-00.txtFebruary 2003 Figure 5: Session Update between two AAALs bypass aAAAL - oAR will release session information after successful handover; - nAR will send SUR with Destination-Host set to oAAAL, Anchor-AAA- Server set to aAAAL and Serving-AAA-Server set to nAAAL; - When SUR passes through nAAAL, the nAAAL will update its downstream node to the host in the Origin-Host AVP, besides forwarding the message; - When SUR passes through aAAAL, the aAAAL discovers that its local host doesnĘt equal to the value of Serving-AAA-Server, so it will update its downstream node to the Serving-AAA-Server. Also, it must add Session-Update-Vector with Passed-Anchor-AAAL flag set to one before forwarding the message; - On receipt of SUR, since Passed-Anchor-AAAL flag is one in the message, oAAAL encodes the maintained user AAA into a Session-Info AVP included as part of the Session-Update-Answer message to be sent back; - In the path of the SUA, if some AAAL detects that its local host name equals to the value of Serving-AAA-Server AVP in the message (i.e. it is nAAAL), it will extract the Session-Info AVP and save the user AAA information locally. 5) MN returns to its home domain +------+ +------+ +------+ | aAAAL|-----| oAAAL|-----| AAAH | +------+ +------+ +------+ | | | +------+ +------+ +------+ | AR | | oAR | | nAR | +------+ +------+ +------+ ^ | v movement +------+ --------> | MN | +------+ Figure 6: MN returns to its home domain - oAR will release session information after successful handover; - nAR will send SUR with Destination-Host set to oAAAL, Anchor-AAA- Server set to aAAAL and Serving-AAA-Server set to nAAAL (i.e. AAAH); Liu, Le, Forsberg Expires: August 2003 [Page 8] INTERNET-DRAFTdraft-liu-aaa-diameter-session-mobility-00.txtFebruary 2003 - When SUR passes through nAAAL, the AAAH will add Session-Update- Vector AVP with Passed-AAAH flag set to one, in order to inform aAAAL that the message has passed AAAH; - When oAAAL receives SUR, it compares local host with the value of Anchor-AAA-Server AVP. If they are different, the oAAAL should replace the Destination-Host AVP value with that of Anchor-AAA- Server AVP and send the request out; - When aAAAL receives SUR, as the Passed-AAAH flag is one, whether to transfer the maintained user AAA information is application specific. After SUA is sent, it will free the relevant information of the session; - If the user AAA information is maintained in oAAAL, whether to transfer the maintained user AAA information is application specific too; 2.2.2 Diameter message redirection scenario When a diameter message is heading for the MN's access router, it's destination host and even destination domain should be updated if the MN have moved away from its original access router. There are two scenarios where AR will re-authenticate or terminate session caused by RAR or ASR from AAAH separately: 1. When MN is still in aAAAL, the request will be forwarded according to the downstream node value maintained in the AAAL. 2. When MN is in AAAL other than aAAAL - The request will be forwarded according to the downstream node; - The user AAA information in aAAAL can be released after Re-Auth- Answer is forwarded or Abort-Session-Answer with DIAMETER_SUCCESS Result-Code is forwarded. - The re-auth or STR should be delivered as that defined in Diameter base protocol. If nAR re-initiates auth-request through a new AAAL, it becomes aAAAL for this extended session. The downstream node in the old aAAAL will be released by session timeout. If the session termination is initiated by AR, it should forward STR to AAAH as that defined in the Diameter base protocol. The user AAA information in aAAAL, if it is not the current AAAL, will be released by session timeout. Liu, Le, Forsberg Expires: August 2003 [Page 9] INTERNET-DRAFTdraft-liu-aaa-diameter-session-mobility-00.txtFebruary 2003 If AAAH receives a message from nAAAL that is different from aAAAL, it will update its pointer from aAAAL to nAAAL. 2.2.3 Race scenario When a diameter message is heading for the MN's access router, and the MN's is changing its access router, the diameter message would be discarded if it reached the oAR when MN had already changed to the nAR. Therefore, when oAR receives a request (e.g. RAR or ASR) from AAAL (possibly originally from AAAH) for a session that has moved to nAR. This happens when SUR message has not yet been processed. oAR will answer with Result-Code set to DIAMETER_UNKNOWN_SESSION_ID. Upon receipt of such an answer, oAAAL will wait for SUR message with the matching Session-Id AVP, and until then oAAAL will either forward the answer to upstream AAAL or re-send the request (retrieved from the pending queue) to the new downstream AR (nAR) or AAAL. 2.3 Diameter Nodes Operations 2.3.1 AR Operation After successful handover, oAR will release session information and nAR will send SUR to oAAAL with Destination-Host set to oAAAL. If oAAAL doesnĘt equal to any of its local AAA servers, the request message should also include Anchor-AAA-Server AVP with the value of the transferred aAAAL and Serving-AAA-Server AVP with the value of the nAAAL. 2.3.2 AAAL Operation When AAAL receives SUR (Destination-Host equals to local host), firstly it will check whether SUR includes Anchor-AAA-Server AVP. If none exists, it means handover is inside the AAAL and then the AAAL only need to update its downstream node from oAR to nAR. Otherwise, it compares local host with the value of Anchor-AAA-Server. If they are different, this AAAL is not aAAAL, and should decide whether to go on forwarding the SUR by checking the Passed-Anchor-AAAL flag of Session-Update-Vector AVP. If the flat is one (it means the SUR has passed aAAAL), the AAAL send back Session-Update-Answer message with Session-Info AVP including the maintained AAA information; otherwise, it replaces the Destination-Host value with that of Anchor-AAA-Server, and continues to send the request. If local host matches the value of Anchor-AAA-Server AVP, besides updating the downstream node to the Serving-AAA-Server, it will send back SUA message, with Session-Info AVP if user AAA information for the session is still maintained. Liu, Le, Forsberg Expires: August 2003 [Page 10] INTERNET-DRAFTdraft-liu-aaa-diameter-session-mobility-00.txtFebruary 2003 If SUR passes through AAAL (Destination-Host doesnĘt equal to local host), it compares local host with Serving-AAA-Server and Anchor- AAA-Server. If local host matches Serving-AAA-Server, the AAAL will update its downstream node to the value of Origin-Host. If local host matches Anchor-AAA-Server, it must add Session-Update-Vector with Passed-Anchor-AAAL flag set to one; in addition, if it doesnĘt match Serving-AAA-Server, the AAAL will update its downstream node to the value of Serving-AAA-Server. If AAAL receives SUA and also maintains the user AAA information of the session, the generated SUA should include Session-Info AVP with the user AAA information and be sent back to AR. If SUA passes through nAAAL, the user AAA information should be exacted from the message and saved locally. When AAAL receives RAR or ASR from the home domain of the MN or from aAAAL, it should continue to forward the message after replacing the value of Destination-Host AVP with its saved downstream node of this session. Upon the receipt of the answer for the request, it will release the maintained AAA information after the answer is sent out. When session timeout, AAAL should release the downstream node (if exists). 2.3.3 AAAL operation in the race scenario If AAAL receives an answer with the Result-Code AVP set to DIAMETER_UNKNOWN_SESSION_ID from a downstream AR (oAR) or AAAL, it will wait for SUR message with the matching Session-Id AVP for a certain period of time, meanwhile holding the answer. After the matching SUR has been received and neither of the flags of Session- Update-Vector AVP is set, AAAL will re-send the request to the new downstream AR (nAR) or AAAL and free the answer, Otherwise it will forward this answer. +------+ | AAAH | +------+ | ... | +------+ | aAAAL| +------+ / \ +------+ +------+ | oAR | | nAR | +------+ +------+ ^ | v movement +------+ Liu, Le, Forsberg Expires: August 2003 [Page 11] INTERNET-DRAFTdraft-liu-aaa-diameter-session-mobility-00.txtFebruary 2003 -------->| MN | +------+ Figure 7: AAAL in race scenario under the same AAAL +------+ | AAAH | +------+ | ... | +------+ +------+ | aAAAL|-----------| oAAAL| +------+ +------+ | | +------+ +------+ | nAR | | oAR | +------+ +------+ ^ | v +------+ movement | MN | <-------- +------+ Figure 8: AAAL in race scenario (returns to aAAAL) 2.4 Advertising Application support Diameter nodes conforming to this specification MAY advertise support by including the value of XXXX in the Auth-Application-Id or the Acct-Application-Id AVP of the Capabilities-Exchange-Request and Capabilities-Exchange-Answer command [1]. 3. Command-Code Values This section defines Command-Code [1] values that MUST be supported by all Diameter implementations conforming to this specification. The following Command Codes are defined in this specification: Command-Name Abbreviation Code Section ----------------------------------------------------------- Session-Update-Request SUR TBD 3.1 Session-Update-Answer SUA TBD 3.2 3.1 Session-Update-Request The Session-Update-Request (SUR), indicated by the Command-Code set to TBD and the Command Flags' 'R' bit set, is sent by the access Liu, Le, Forsberg Expires: August 2003 [Page 12] INTERNET-DRAFTdraft-liu-aaa-diameter-session-mobility-00.txtFebruary 2003 device or the Diameter Client to inform relevant Diameter Server that an authenticated and/or authorized session is being updated. Message Format ::= < Diameter Header: TBD, REQ, PXY > < Session-Id > { Origin-Host } { Origin-Realm } { Destination-Host} { Destination-Realm } { Auth-Application-Id } [ User-Name ] [ Anchor-AAA-Server ] [ Serving-AAA-Server ] [ Session-Update-Vector ] * [ Class ] [ Origin-State-Id ] * [ AVP ] * [ Proxy-Info ] * [ Route-Record ] 3.2 Session-Update-Answer The Session-Update-Answer (SUA), indicated by the Command-Code set to TBD and the message flags' 'R' bit clear, is sent by the Diameter Server to acknowledge the notification that the session has been updated. The Result-Code AVP MUST be present, and MAY contain an indication that an error occurred while servicing the SUR. Message Format ::= < Diameter Header: TBD, PXY > < Session-Id > { Result-Code } { Origin-Host } { Origin-Realm } [ User-Name ] [ Session-Info] [ Serving-AAA-Server ] * [ Class ] [ Error-Message ] [ Error-Reporting-Host ] * [ Failed-AVP ] [ Origin-State-Id ] * [ Redirect-Host ] [ Redirect-Host-Usase ] [ Redirect-Max-Cache-Time ] * [ AVP ] * [ Proxy-Info ] Liu, Le, Forsberg Expires: August 2003 [Page 13] INTERNET-DRAFTdraft-liu-aaa-diameter-session-mobility-00.txtFebruary 2003 4. Result-Code AVP Values 5. Mandatory AVPs The following table describes the Diameter AVPs defined in the Mobile IP application, their AVP Code values, types, possible flag values and whether the AVP MAY be encrypted. +---------------------+ | AVP Flag rules | |----+-----+----+-----|----+ AVP Section | | |SHLD| MUST|MAY | Attribute Name Code Defined Value Type |MUST| MAY | NOT| NOT|Encr| ----------------------------------------|----+-----+----+-----|----| Anchor-AAA- TBD 5.1 DiamIdent | M | P | | V | Y | Server | | | | | | Serving-AAA- TBD 5.2 DiamIdent | M | P | | V | Y | Server | | | | | | Session-Info TBD 5.4 Grouped | M | P | | V | Y | Session-Update- TBD 5.3 Unsigned32 | M | P | | V | Y | Vector 5.1 Anchor-AAA-Server AVP The Anchor-AAA-Server AVP (AVP Code TBD) is of type DiameterIdentity and contains the identity of the anchor AAA server (i.e. aAAAL) in the foreign network. 5.2 Serving-AAA-Server AVP The Serving-AAA-Server AVP (AVP Code TBD) is of type DiameterIdentity and contains the identity of the serving AAA server (i.e. nAAAL) in the foreign network. 5.3 Session-Update-Vector AVP The Session-Update-Vector AVP (AVP Code TBD) is of type Unsigned32 and is added with flag values set by the aAAAL or AAAH. Flag values currently defined include: 1 Passed-Anchor-AAAL 2 Passed-AAAH 5.4 Session-Info AVP The Session-Info AVP (AVP Code TBD) is of type Grouped and contains the user AAA information (except Session-Id) maintained in the AAAL. The possible values of this AVP are TBD. AVP Format Liu, Le, Forsberg Expires: August 2003 [Page 14] INTERNET-DRAFTdraft-liu-aaa-diameter-session-mobility-00.txtFebruary 2003 ::= < AVP Header: TBD > 1* {AVP} 6. AVP Table TBD 7. IANA Considerations 8. Security Considerations TBD. 9. References [1] P. Calhoun, J. Loughney, E. Guttman, G. Zorn, J. Arkko, "Diame- ter Base Protocol", draft-ietf-aaa-diameter-17.txt, IETF work in progress, December 2002. [2] S. Bradner. "Key words for use in RFCs to Indicate Requirement Levels". BCP 14, RFC 2119, March 1997. [3] D. Forsberg, R. Koodli, C. Perkins, "Context Relocation of AAA Parameters in IP Networks", draft-forsberg-seamoby-aaa- relocate-00.doc, work in progress. [4] P. Calhoun, T. Johansson, C. Perkins, "Diameter Mobile IPv4 Application", draft-ietf-aaa-diameter-mobileip-13.txt, work in progress, October 2002. 10. Acknowledgements 11. Author's Addresses Qing Liu Nokia Research Center Nokia House 1, No.11, He Ping Li Dong Jie Beijing, 100013 P.R.China E-mail: qing.roger.liu@nokia.com Yanqun Le Nokia Research Center Nokia House 1, No.11, He Ping Li Dong Jie Beijing, 100013 P.R.China E-mail: yanqun.le@nokia.com Dan Forsberg Nokia Research Center, Liu, Le, Forsberg Expires: August 2003 [Page 15] INTERNET-DRAFTdraft-liu-aaa-diameter-session-mobility-00.txtFebruary 2003 P.O. Box 407 FIN-00045 Nokia GroupI E-mail: dan.forsberg@nokia.com 12. Intellectual Property Rights The IETF has been notified of intellectual property rights claimed in regard to some or all of the specification contained in this document. For more information consult the online list of claimed rights at http://www.ietf.org/ipr. 13. Full Copyright Statement Copyright (C) The Internet Society (2001). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this docu-ment itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of develop- ing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The lim- ited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DIS-CLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 14. Expiration Date This memo is filed as and expires in August 2003. Liu, Le, Forsberg Expires: August 2003 [Page 16]