Re: [Dime] [HOKEY] DiME ERP: new Application ID or not ?(non-roaming case)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Dime] [HOKEY] DiME ERP: new Application ID or not ?(non-roaming case)
Hi:
If my understanding is correct, the ERP re-authentication with a AAA server through a Hokey server will happen in the intial EAP exchange or in the bootstrapping phase.
e.g., when the peer firstly enter into one visited AAA domain away from the home AAA server, intial EAP exchange between the peer and home AAA server is required. However when the peer move between two adjacent authenticator within the same AAA domain, the ERP re-authentication does not happen with a AAA server but with a local hokey server which is a optimized approach to reduce handoff latency.
Best Regards!
-Qin
----- Original Message -----
From: "Hannes Tschofenig" <Hannes.Tschofenig at gmx.net>
To: "'Julien Bournelle'" <julien.bournelle at gmail.com>; "'Qin Wu'" <sunseawq at huawei.com>
Cc: "'Glen Zorn'" <glenzorn at comcast.net>; <dime at ietf.org>; <hokey at ietf.org>
Sent: Thursday, March 12, 2009 5:13 PM
Subject: RE: [HOKEY] [Dime] DiME ERP: new Application ID or not ?(non-roaming case)
>
>> 1/ re-uses full EAP authentication with Diameter EAP
>
>> 2/ perform a reauthentication using ERP.
>
>> If we use 2/, and we have a new Diameter ERP app-id, a
>>distinct AAA server may be reached.
>
> If I understood Glen correctly from previous conversations then the Diameter
> ERP re-authentication does not happen with a AAA server but with a HOKEY
> server. Hence, I am not sure that there is an issue.
>
> Ciao
> Hannes
>
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
