Re: [Dime] [HOKEY] DiME ERP: new Application ID or not ?(non-roaming case)
Hi Qin,
>Hi:
>If my understanding is correct, the ERP re-authentication with
>an AAA server through a Hokey server will happen in the initial
>EAP exchange or in the bootstrapping phase.
If I understood Glen correctly so far then this is not the model.
The Diameter (or RADIUS signaling for that matter) messages are not routed
through the HOKEY server but the AAA entities interact with the HOKEY
server(s) using some other protocol mechanism. To me that sounded like a
reasonable approach.
>e.g., when the peer first enters into one visited AAA domain
>away from the home AAA server, initial EAP exchange between the
>peer and home AAA server is required.
Are you talking now about the regular Diameter EAP exchange?
> However when the peer
>moves between two adjacent authenticators within the same AAA
>domain, the ERP re-authentication does not happen with an AAA
>server but with a local hokey server which is an optimized
>approach to reduce handoff latency.
Currently, this is the HOKEY re-authentication exchange.
Ciao
Hannes
>
>Best Regards!
>-Qin
>----- Original Message -----
>From: "Hannes Tschofenig" <Hannes.Tschofenig at gmx.net>
>To: "'Julien Bournelle'" <julien.bournelle at gmail.com>; "'Qin Wu'" <sunseawq at huawei.com>
>Cc: "'Glen Zorn'" <glenzorn at comcast.net>; <dime at ietf.org>; <hokey at ietf.org>
>Sent: Thursday, March 12, 2009 5:13 PM
>Subject: RE: [HOKEY] [Dime] DiME ERP: new Application ID or not ?(non-roaming case)
>
>
>>
>>> 1/ re-uses full EAP authentication with Diameter EAP
>>
>>> 2/ perform a reauthentication using ERP.
>>
>>> If we use 2/, and we have a new Diameter ERP app-id, a
>>>distinct AAA server may be reached.
>>
>> If I understood Glen correctly from previous conversations then the
>> Diameter ERP re-authentication does not happen with an AAA server but
>> with a HOKEY server. Hence, I am not sure that there is an issue.
>>
>> Ciao
>> Hannes
>>
>