Handover Keying
AAA Components

Glen Zorn

Network Zen

IETF 75 - Stockholm

hokey AAA Requirements

Diameter & RADIUS

Requirements differ

Implementations differ

Protocol capabilities differ

RADIUS

Need security

Key Wrap

Strong integrity protection

Default routing

No “application” support

Diameter

Security supplied

TLS

IPsec

Application support

Application-specific message routing

Independent paths for hokey & other messages

What’s Needed to do the Work?

Requires clear understanding of hokey architecture

AAA protocol-specific knowledge less important

A Proposal

Develop AAA support for hokey in hokey WG

Encourage participation by members of dime & radext WGs

Review

AAA Doctors

radext WG

dime WG

Slide 7


	Diameter & RADIUS
		Requirements differ
		Implementations differ
		Protocol capabilities differ


	Need security
		Key Wrap
		Strong integrity protection
	Default routing
	No “application” support


	Security supplied
		TLS
		IPsec
	Application support
		Application-specific message routing
		Independent paths for hokey & other messages


	Requires clear understanding of hokey architecture
	AAA protocol-specific knowledge less important


	Develop AAA support for hokey in hokey WG
	Encourage participation by members of dime & radext WGs
	Review
		AAA Doctors
		radext WG
		dime WG