[Dime] DiME ERP: new Application ID or not ? (non-roaming case)
Hi all,
we try to solve the issue concerning the need for a new App-Id or not.
The ERP protocol (RFC 5296) is to be used along with EAP. It basically
defines two new EAP codes and uses keying material derived from a first
EAP authentication.
To start the discussion, let's take the non-roaming case.
In non-roaming, we have first an EAP authentication using Diameter EAP.
Then, for reauthentication using ERP, we have two messages (Request/Response)
between NAS and the AAA/ERP server carrying EAP packets.
See (http://tools.ietf.org/html/rfc5296#page-6)
So, either we reuse the Diameter EAP Application (DER/DEA) or we define
a new Diameter Application.
If we use a new Diameter Application, a new Diameter session will be created
and eventually a new Diameter server will be reached. What bothers
me in this case is that we basically perform a reauthentication for the same
session which is primarily handled at the AAA/EAP server. So, I'm wondering
what happens concerning Authorization Lifetime session etc.
Note that I still don't have a strong opinion and I'll be glad to hear opinions
from others.
Regards,
Julien