| < draft-ietf-aaa-eap-07.txt | draft-ietf-aaa-eap-08.txt > | |||
|---|---|---|---|---|
| Network Working Group P. Eronen, Ed. | Network Working Group P. Eronen, Ed. | |||
| Internet-Draft Nokia | Internet-Draft Nokia | |||
| Expires: December 13, 2004 T. Hiller | Expires: December 22, 2004 T. Hiller | |||
| Lucent Technologies | Lucent Technologies | |||
| G. Zorn | G. Zorn | |||
| Cisco Systems | Cisco Systems | |||
| June 14, 2004 | June 23, 2004 | |||
| Diameter Extensible Authentication Protocol (EAP) Application | Diameter Extensible Authentication Protocol (EAP) Application | |||
| draft-ietf-aaa-eap-07.txt | draft-ietf-aaa-eap-08.txt | |||
| Status of this Memo | Status of this Memo | |||
| By submitting this Internet-Draft, I certify that any applicable | By submitting this Internet-Draft, I certify that any applicable | |||
| patent or other IPR claims of which I am aware have been disclosed, | patent or other IPR claims of which I am aware have been disclosed, | |||
| and any of which I become aware will be disclosed, in accordance with | and any of which I become aware will be disclosed, in accordance with | |||
| RFC 3668. | RFC 3668. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF), its areas, and its working groups. Note that | Task Force (IETF), its areas, and its working groups. Note that | |||
| skipping to change at page 1, line 37 ¶ | skipping to change at page 1, line 37 ¶ | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| The list of current Internet-Drafts can be accessed at | The list of current Internet-Drafts can be accessed at | |||
| http://www.ietf.org/ietf/1id-abstracts.txt. | http://www.ietf.org/ietf/1id-abstracts.txt. | |||
| The list of Internet-Draft Shadow Directories can be accessed at | The list of Internet-Draft Shadow Directories can be accessed at | |||
| http://www.ietf.org/shadow.html. | http://www.ietf.org/shadow.html. | |||
| This Internet-Draft will expire on December 13, 2004. | This Internet-Draft will expire on December 22, 2004. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (C) The Internet Society (2004). All Rights Reserved. | Copyright (C) The Internet Society (2004). All Rights Reserved. | |||
| Abstract | Abstract | |||
| The Extensible Authentication Protocol (EAP) provides a standard | The Extensible Authentication Protocol (EAP) provides a standard | |||
| mechanism for support of various authentication methods. This | mechanism for support of various authentication methods. This | |||
| document defines the Command-Codes and AVPs necessary to carry EAP | document defines the Command-Codes and AVPs necessary to carry EAP | |||
| skipping to change at page 16, line 18 ¶ | skipping to change at page 16, line 18 ¶ | |||
| by all Diameter implementations conforming to this specification. | by all Diameter implementations conforming to this specification. | |||
| The following Command Codes are defined in this section: | The following Command Codes are defined in this section: | |||
| Command-Name Abbrev. Code Reference | Command-Name Abbrev. Code Reference | |||
| -------------------------------------------------------- | -------------------------------------------------------- | |||
| Diameter-EAP-Request DER 268 3.1 | Diameter-EAP-Request DER 268 3.1 | |||
| Diameter-EAP-Answer DEA 268 3.2 | Diameter-EAP-Answer DEA 268 3.2 | |||
| When the NASREQ AA-Request (AAR) or AA-Answer (AAA) commands are used | When the NASREQ AA-Request (AAR) or AA-Answer (AAA) commands are used | |||
| for AUTHORIZE_ONLY messages in conjunction with EAP (see Section | for AUTHORIZE_ONLY messages in conjunction with EAP (see Section | |||
| 2.3.3), the Auth-Application-Id AVP MUST be set to 1 (NASREQ), and | 2.3.3), an Application Identifier value of 1 (NASREQ) is used, and | |||
| the rules and command ABNF defined in [NASREQ] MUST be followed. | the commands follow the rules and ABNF defined in [NASREQ]. | |||
| Similarly, when the Re-Auth-Request (RAR), Re-Auth-Answer (RAA), | When the Re-Auth-Request (RAR), Re-Auth-Answer (RAA), | |||
| Session-Termination-Request (STR), Session-Termination-Answer (STA), | Session-Termination-Request (STR), Session-Termination-Answer (STA), | |||
| Abort-Session-Request (ASR), Abort-Session-Answer (ASA), | Abort-Session-Request (ASR), Abort-Session-Answer (ASA), | |||
| Accounting-Request (ACR), and Accounting-Answer (ACA) commands are | Accounting-Request (ACR), and Accounting-Answer (ACA) commands are | |||
| used together with the Diameter EAP application, they follow the | used together with the Diameter EAP application, they follow the | |||
| rules in [NASREQ] and use Auth-Application-Id 1. | rules in [NASREQ] and [BASE]. The accounting commands use | |||
| Application Identifier value of 3 (Diameter Base Accounting); the | ||||
| others use 0 (Diameter Common Messages). | ||||
| 3.1 Diameter-EAP-Request (DER) Command | 3.1 Diameter-EAP-Request (DER) Command | |||
| The Diameter-EAP-Request (DER) command, indicated by the Command-Code | The Diameter-EAP-Request (DER) command, indicated by the Command-Code | |||
| field set to 268 and the 'R' bit set in the Command Flags field, is | field set to 268 and the 'R' bit set in the Command Flags field, is | |||
| sent by a Diameter client to a Diameter server and conveys an | sent by a Diameter client to a Diameter server and conveys an | |||
| EAP-Response from the EAP client. The Diameter-EAP-Request MUST | EAP-Response from the EAP client. The Diameter-EAP-Request MUST | |||
| contain one EAP-Payload AVP, which contains the actual EAP payload. | contain one EAP-Payload AVP, which contains the actual EAP payload. | |||
| An EAP-Payload AVP with no data MAY be sent to the Diameter server to | An EAP-Payload AVP with no data MAY be sent to the Diameter server to | |||
| initiate an EAP authentication session. | initiate an EAP authentication session. | |||
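Review bot: In the AUTHORIZE_ONLY paragraph of the -08 column, "an Application Identifier value of 1 (NASREQ) is used" drops both the MUST and the name of the field being set, so the text no longer says whether this is the Application-ID in the Diameter header, the Auth-Application-Id AVP, or both. The new sentence assigning 3 to the accounting commands and 0 to the others has the same gap. Suggest naming the field explicitly and keeping the RFC 2119 keywords ([RFC2119] is a normative reference here), so that peers validating or routing on the application identifier all interpret these messages the same way.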
| skipping to change at page 30, line 50 ¶ | skipping to change at page 30, line 50 ¶ | |||
| Julien Bournelle, Pat Calhoun, Henry Haverinen, John Loughney, | Julien Bournelle, Pat Calhoun, Henry Haverinen, John Loughney, | |||
| Yoshihiro Ohba, and Joseph Salowey. | Yoshihiro Ohba, and Joseph Salowey. | |||
| 10. References | 10. References | |||
| 10.1 Normative References | 10.1 Normative References | |||
| [BASE] Calhoun, P., Loughney, J., Guttman, E., Zorn, G. and J. | [BASE] Calhoun, P., Loughney, J., Guttman, E., Zorn, G. and J. | |||
| Arkko, "Diameter Base Protocol", RFC 3588, September 2003. | Arkko, "Diameter Base Protocol", RFC 3588, September 2003. | |||
| [EAP] Blunk, L., Vollbrecht, J., Aboba, B., Carlson, J. and H. | [EAP] Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J. and H. | |||
| Levkowetz, "Extensible Authentication Protocol (EAP)", | Levkowetz, "Extensible Authentication Protocol (EAP)", RFC | |||
| draft-ietf-eap-rfc2284bis-09 (work in progress), February | 3748, June 2004. | |||
| 2004. | ||||
| [NASREQ] Calhoun, P., Zorn, G., Spence, D. and D. Mitton, "Diameter | [NASREQ] Calhoun, P., Zorn, G., Spence, D. and D. Mitton, "Diameter | |||
| Network Access Server Application", | Network Access Server Application", | |||
| draft-ietf-aaa-diameter-nasreq-15 (work in progress), June | draft-ietf-aaa-diameter-nasreq-15 (work in progress), June | |||
| 2004. | 2004. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, March 1997. | Requirement Levels", BCP 14, RFC 2119, March 1997. | |||
| 10.2 Informative References | 10.2 Informative References | |||
| skipping to change at page 33, line 18 ¶ | skipping to change at page 33, line 18 ¶ | |||
| USA | USA | |||
| Phone: +1 425 344 8113 | Phone: +1 425 344 8113 | |||
| EMail: gwz@cisco.com | EMail: gwz@cisco.com | |||
| Appendix A. Changelog | Appendix A. Changelog | |||
| (This section will not appear in the final version submitted to RFC | (This section will not appear in the final version submitted to RFC | |||
| editor.) | editor.) | |||
| Changes from -07.a to -08.a: | ||||
| o Use application identifier 0/3 for commands defined in BASE. | ||||
| o draft-ietf-eap-rfc2284bis is now RFC 3748 (hooray!). | ||||
| Changes from -06.b to -07.a: | Changes from -06.b to -07.a: | |||
| o Clarified how NASREQ commands are used together with Diameter EAP | o Clarified how NASREQ commands are used together with Diameter EAP | |||
| application. | application. | |||
| o Clarified that NASREQ text about RADIUS translation applies here | o Clarified that NASREQ text about RADIUS translation applies here | |||
| as well. | as well. | |||
| o Updated references: NASREQ to -15, IKEv2 to -14. | o Updated references: NASREQ to -15, IKEv2 to -14. | |||
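Review bot: The -08 changelog entry "Use application identifier 0/3 for commands defined in BASE" covers only the BASE commands and does not record that the NASREQ AAR/AAA paragraph also changed, from "MUST be set to 1" and "MUST be followed" to descriptive wording. If relaxing the normative language was intended, add an entry that says so. It would also help to spell out which commands get 0 and which get 3 instead of "0/3".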
| End of changes. 9 change blocks. | ||||
| 12 lines changed or deleted | 19 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||