[Mip4] RE: [Dime] RE: Issue 3: Diameter MIP4 Application vs. RADIUSArchitecture

["Alper Yegin" <alper.yegin at yegin.org>]

Yes, HOKEY has relevance to that.

Alper 

> -----Original Message-----
> From: Tom Taylor [mailto:tom.taylor at rogers.com]
> Sent: Wednesday, August 15, 2007 8:27 PM
> To: Alper Yegin
> Cc: 'McCann Peter-A001034'; 'Ahmad Muhanna'; dime at ietf.org; mip4 at ietf.org
> Subject: Re: [Dime] RE: Issue 3: Diameter MIP4 Application vs.
> RADIUSArchitecture
> 
> Isn't this what HOKEY is all about?
> 
> Alper Yegin wrote:
> >>> MN is authenticated by the same entity (HAAA) whether requested by
> >>> the FA or the HA. If HA and FA has some trust relationship (e.g.,
> >>> using FA-HA AE, or IPsec), then I believe letting the HA authenticate
> >>> the MN is sufficient.
> >> There is no scalable way to maintain trust relationships between
> >> all pairs of (FA, HA).  One of the main purposes of the Diameter
> >> MIPv4 application is to distribute keys for those (FA, HA)
> >> relationships that are necessary based on the MNs that are
> >> roaming to a given FA.  The FA needs to make sure that the
> >> visited resources will be paid for, which is why it needs
> >> authorization from the AAA infrastructure.
> >
> > FA-HA security association can also be dynamically created during the
> > network access authentication procedure.
> >
> > Alper
> >
> >
> >
> > _______________________________________________
> > DiME mailing list
> > DiME at ietf.org
> > https://www1.ietf.org/mailman/listinfo/dime
> >
> >



-- 
Mip4 mailing list: Mip4 at ietf.org
    Web interface: https://www1.ietf.org/mailman/listinfo/mip4
     Charter page: http://www.ietf.org/html.charters/mip4-charter.html
Supplemental site: http://www.mip4.org/