[Mip4] RFC3012bis: Proposal for Issue2-Change2

To: "'mip4@ietf.org'" <mip4@ietf.org>
Subject: [Mip4] RFC3012bis: Proposal for Issue2-Change2
From: "Jayshree Bharatia" <jayshree@nortelnetworks.com>
Date: Wed, 27 Aug 2003 12:22:52 -0500
List-help: <mailto:mip4-request@ietf.org?subject=help>
List-id: Mobility for IPv4 <mip4.ietf.org>
List-post: <mailto:mip4@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/mip4>,<mailto:mip4-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/mip4>,<mailto:mip4-request@ietf.org?subject=unsubscribe>
Sender: mip4-admin@ietf.org

The current proposal from Pete is to reuse the challenge in the Registration
Reply of the Registration Request for which the authentication fails at the
FA. This challenge sent in the Registration reply will be same as the
challenge received in the Registration Request for which the reply is sent.

To reflect this point, the following changes are proposed by Jayshree:

(change 2.1-Section 3.2)
From:
If the registration message contains a Mobile-Foreign Authentication
extension with an incorrect authenticator that fails verification, the
Foreign Agent MAY send a Registration Reply to the mobile node with Code
value BAD_AUTHENTICATION (see Section 10). 

To: (Added last statement) 
If the registration message contains a Mobile-Foreign Authentication
extension with an incorrect authenticator that fails verification, the
Foreign Agent MAY send a Registration Reply to the mobile node with Code
value BAD_AUTHENTICATION (see Section 10). In this case, if  the Mobile Node
is currently registered, the challenge included in the  Registration Reply
by the Foreign Agent MUST be the same as the one received in the
Registration Request.

(change 2.2-Section 3.2)
From:
If the registration message contains a Mobile-AAA Authentication extension
with an incorrect authenticator that fails verification, the Foreign Agent
MAY send a Registration Reply to the mobile node with Code value
BAD_AAA_AUTHENTICATION_SET_BY_FA. 

To: (Added last statement)
If the registration message contains a Mobile-AAA Authentication extension
with an incorrect authenticator that fails verification, the Foreign Agent
MAY send a Registration Reply to the mobile node with Code value
BAD_AAA_AUTHENTICATION_SET_BY_FA. In this case, if  the Mobile Node is
currently registered, the challenge included in the Registration Reply by
the Foreign Agent MUST be the same as the one received in the Registration
Request.

(change 2.3-Section 3.5)
From:
BAD_AAA_AUTHENTICATION_SET_BY_FA: This error is sent by the Foreign Agent if
the Registration Request contains a Mobile-AAA Authentication extension with
an incorrect authenticator that fails verification.  A Mobile Node that
receives a
BAD_AAA_AUTHENTICATION_SET_BY_FA MUST use a new Challenge value in any new
registration, obtained either from an Agent Advertisement, or from a
Challenge extension to the Registration Reply containing the error.

To: (Replaced "new Challenge" to "Challenge")
BAD_AAA_AUTHENTICATION_SET_BY_FA: This error is sent by the Foreign Agent if
the Registration Request contains a Mobile-AAA Authentication extension with
an incorrect authenticator that fails verification.  A Mobile Node that
receives a
BAD_AAA_AUTHENTICATION_SET_BY_FA MUST use a Challenge value in any new
registration, obtained either from an Agent Advertisement, or from a
Challenge extension to the Registration Reply containing the error.

_______________________________________________
Mip4 mailing list
Mip4@ietf.org
https://www.ietf.org/mailman/listinfo/mip4

Prev by Date: [Mip4] RFC3012bis: Proposal for Issue2-Change5
Next by Date: Re: [Mip4] Re: FW: Comments on VPN Problem Statement Draft
Previous by thread: [Mip4] RFC3012bis: Proposal for Issue2-Change5
Next by thread: [Mip4] [Issue] draft-kulkarni-mobileip-dynamic-assignment: Routingconcerns
Index(es):
- Date
- Thread

[Mip4] RFC3012bis: Proposal for Issue2-Change2

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.