Diff: draft-ietf-rap-rsvp-authsession-01.txt - draft-ietf-rap-rsvp-authsession-02.txt

	< draft-ietf-rap-rsvp-authsession-01.txt	draft-ietf-rap-rsvp-authsession-02.txt >
	RAP Working Group L-N. Hamer	RAP Working Group L-N. Hamer
	Internet Draft B. Gage	Internet Draft B. Gage

	Expires April 31, 2002 M. Broda	Expires August 31, 2002 M. Broda
	Nortel Networks	Nortel Networks
	B. Kosinski	B. Kosinski
	University of Alberta	University of Alberta
	Hugh Shieh	Hugh Shieh
	AT&T Wireless	AT&T Wireless

	November 2001	February 2002

	Session Authorization for RSVP	Session Authorization for RSVP


	draft-ietf-rap-rsvp-authsession-01.txt	draft-ietf-rap-rsvp-authsession-02.txt

	Status of this Memo	Status of this Memo

	This document is an Internet-Draft and is in full conformance with	This document is an Internet-Draft and is in full conformance with
	all provisions of Section 10 of RFC2026 [1].	all provisions of Section 10 of RFC2026 [1].

	Internet-Drafts are working documents of the Internet Engineering	Internet-Drafts are working documents of the Internet Engineering
	Task Force (IETF), its areas, and its working groups. Note that	Task Force (IETF), its areas, and its working groups. Note that
	other groups may also distribute working documents as Internet-	other groups may also distribute working documents as Internet-
	Drafts. Internet-Drafts are draft documents valid for a maximum of	Drafts. Internet-Drafts are draft documents valid for a maximum of
	six months and may be updated, replaced, or obsoleted by other	six months and may be updated, replaced, or obsoleted by other
	documents at any time. It is inappropriate to use Internet-Drafts as	documents at any time. It is inappropriate to use Internet-Drafts as
	reference material or to cite them other than as "work in progress."	reference material or to cite them other than as "work in progress."

	The list of current Internet-Drafts can be accessed at	The list of current Internet-Drafts can be accessed at
	http://www.ietf.org/ietf/1id-abstracts.txt	http://www.ietf.org/ietf/1id-abstracts.txt
	The list of Internet- Draft Shadow Directories can be accessed at	The list of Internet- Draft Shadow Directories can be accessed at
	http://www.ietf.org/shadow.html	http://www.ietf.org/shadow.html

	The distribution of this memo is unlimited. This memo is filed as	The distribution of this memo is unlimited. This memo is filed as

	<draft-ietf-rap-rsvp-authsession-01.txt>, and expires April 31,	<draft-ietf-rap-rsvp-authsession-02.txt>, and expires August 31,
	2002. Please send comments to the authors.	2002. Please send comments to the authors.

	Copyright Notice	Copyright Notice


	Copyright (C) The Internet Society (2001). All Rights Reserved.	Copyright (C) The Internet Society (2002). All Rights Reserved.

	Abstract	Abstract

	This document describes the representation of session authorization	This document describes the representation of session authorization
	information in the POLICY_DATA object [POL-EXT] for supporting	information in the POLICY_DATA object [POL-EXT] for supporting
	policy-based per-session authorization and admission control in	policy-based per-session authorization and admission control in
	RSVP. The goal of session authorization is to allow the exchange	RSVP. The goal of session authorization is to allow the exchange
	of information between network elements in order to authorize the	of information between network elements in order to authorize the
	use of resources for a service and to co-ordinate actions between	use of resources for a service and to co-ordinate actions between
	the signaling and transport planes. This document describes how a	the signaling and transport planes. This document describes how a

	skipping to change at page 5, line 38 ¶	skipping to change at page 5, line 38 ¶
	in section 7, IANA Considerations. Initially, the registry	in section 7, IANA Considerations. Initially, the registry
	contains the following sub-types of AUTH_ENT_ID:	contains the following sub-types of AUTH_ENT_ID:

	1 IPV4_ADDRESS IPv4 address	1 IPV4_ADDRESS IPv4 address

	2 IPV6_ADDRESS IPv6 address	2 IPV6_ADDRESS IPv6 address

	3 FQDN Fully Qualified Domain Name	3 FQDN Fully Qualified Domain Name

	4 ASCII_DN X.500 Distinguished name as defined	4 ASCII_DN X.500 Distinguished name as defined

	in RFC-1779 as an ASCII string.	in RFC-2253 as an ASCII string.

	5 UNICODE_DN X.500 Distinguished name as defined	5 UNICODE_DN X.500 Distinguished name as defined

	in RFC-1779 as a UNICODE string.	in RFC-2253 as a UNICODE string.

	6 URI Universal Resource Identifier, as	6 URI Universal Resource Identifier, as
	defined in RFC-2396.	defined in RFC-2396.

	7 KRB_PRINCIPAL Kerberos principal name as defined in	7 KRB_PRINCIPAL Kerberos principal name as defined in
	RFC-1510.	RFC-1510.


		8 KRB_REALM Kerberos realm as defined in RFC-1510.

	OctetString	OctetString
	Contains the authorizing entity identifier.	Contains the authorizing entity identifier.

	3.3.2 Authorizing Entity Credentials	3.3.2 Authorizing Entity Credentials

	AUTH_ENT_CRED contains the credentials of the authorizing entity,	AUTH_ENT_CRED contains the credentials of the authorizing entity,
	which can then be used by the network to ensure that the entity	which can then be used by the network to ensure that the entity
	which generated this session authorization policy element is a	which generated this session authorization policy element is a
	valid trusted entity.	valid trusted entity.


	skipping to change at page 13, line 59 ¶	skipping to change at page 13, line 59 ¶
	PKI authentication option should provide highest level of	PKI authentication option should provide highest level of
	security and good scalability, however it requires infrastructure	security and good scalability, however it requires infrastructure
	support and may have performance impacts.	support and may have performance impacts.

	9. Acknowledgments	9. Acknowledgments

	We would like to thank Francois Audet, Don Wade, Hamid Syed,	We would like to thank Francois Audet, Don Wade, Hamid Syed,
	Kwok Ho Chan and many others for their valuable comments.	Kwok Ho Chan and many others for their valuable comments.

	In addition, we would like to thank S. Yadav, et al, for their	In addition, we would like to thank S. Yadav, et al, for their

	efforts on RFC 2752, as this document borrows heavily from their	efforts on RFC 3182, as this document borrows from their work.
	work.

	10. References	10. References

	[I-REP] S. Yadav et al, "Identity Representation for	[I-REP] S. Yadav et al, "Identity Representation for

	RSVP", Internet-draft,	RSVP", RFC 3182, October 2001
	draft-ietf-rap-rsvp-better-identity-00.txt,
	June 2001


	[S-AUTH] Hamer, L-N. and Gage, B, "Framework for	[S-AUTH] L-N. Hamer et al., "Framework for
	session setup with media authorization",	session setup with media authorization",
	Internet-Draft,	Internet-Draft,

	draft-hamer-rap-session-auth-02.txt,	draft-hamer-rap-session-auth-03.txt,
	November 2001.	February 2002.

	[ASCII] Coded Character Set -- 7-Bit American Standard	[ASCII] Coded Character Set -- 7-Bit American Standard
	Code for Information Interchange, ANSI X3.4-	Code for Information Interchange, ANSI X3.4-
	1986.	1986.

	[IANA-CONSIDERATIONS] Alvestrand, H. and T. Narten, "Guidelines for	[IANA-CONSIDERATIONS] Alvestrand, H. and T. Narten, "Guidelines for
	Writing an IANA Considerations Section in	Writing an IANA Considerations Section in
	RFCs", BCP 26, RFC 2434, October 1998.	RFCs", BCP 26, RFC 2434, October 1998.

	[POL-EXT] Herzog, S., "RSVP Extensions for Policy	[POL-EXT] Herzog, S., "RSVP Extensions for Policy

	skipping to change at page 14, line 33 ¶	skipping to change at page 14, line 33 ¶

	[RFC-1510] Kohl, J. and C. Neuman, "The Kerberos Network	[RFC-1510] Kohl, J. and C. Neuman, "The Kerberos Network
	Authentication Service (V5)", RFC 1510,	Authentication Service (V5)", RFC 1510,
	September 1993.	September 1993.

	[RFC-1633] Braden, R., Clark, D., Shenker, S.,	[RFC-1633] Braden, R., Clark, D., Shenker, S.,
	"Integrated Services in the Internet	"Integrated Services in the Internet
	Architecture: An Overview", RFC 1633,	Architecture: An Overview", RFC 1633,
	June 1994.	June 1994.


	[RFC-1779] Killie, S., "A String Representation of	[RFC-2253] Wahl, M. et al., "UTF-8 String
	Distinguished Names", RFC 1779, March 1995.	Representation of Distinguished Names",
		RFC 2253, December 1997.

	[RFC-2205] Braden, R., Zhang, L., Berson, S., Herzog, S.	[RFC-2205] Braden, R., Zhang, L., Berson, S., Herzog, S.
	and S. Jamin, "Resource ReSerVation Protocol	and S. Jamin, "Resource ReSerVation Protocol
	(RSVP) - Version 1 Functional Specification",	(RSVP) - Version 1 Functional Specification",
	RFC 2205, September 1997.	RFC 2205, September 1997.

	[RFC-2209] Braden, R. and L. Zhang, "Resource ReSerVation	[RFC-2209] Braden, R. and L. Zhang, "Resource ReSerVation
	Protocol (RSVP) - Version 1 Message Processing	Protocol (RSVP) - Version 1 Message Processing
	Rules", RFC 2209, September 1997.	Rules", RFC 2209, September 1997.


	skipping to change at page 15, line 54 ¶	skipping to change at page 15, line 54 ¶
	Ottawa, Canada	Ottawa, Canada
	EMail: mbroda@nortelnetworks.com	EMail: mbroda@nortelnetworks.com

	Hugh Shieh	Hugh Shieh
	AT&T Wireless	AT&T Wireless
	Redmond, USA	Redmond, USA
	Email: hugh.shieh@attws.com	Email: hugh.shieh@attws.com

	12. Full Copyright Statement	12. Full Copyright Statement


	Copyright (C) The Internet Society (2001). All Rights Reserved. This	Copyright (C) The Internet Society (2002). All Rights Reserved. This
	document and translations of it may be copied and furnished to	document and translations of it may be copied and furnished to
	others, and derivative works that comment on or otherwise explain it	others, and derivative works that comment on or otherwise explain it
	or assist in its implementation may be prepared, copied, published	or assist in its implementation may be prepared, copied, published
	and distributed, in whole or in part, without restriction of any	and distributed, in whole or in part, without restriction of any
	kind, provided that the above copyright notice and this paragraph	kind, provided that the above copyright notice and this paragraph
	are included on all such copies and derivative works. However, this	are included on all such copies and derivative works. However, this
	document itself may not be modified in any way, such as by removing	document itself may not be modified in any way, such as by removing
	the copyright notice or references to the Internet Society or other	the copyright notice or references to the Internet Society or other
	Internet organisations, except as needed for the purpose of	Internet organisations, except as needed for the purpose of
	developing Internet standards in which case the procedures for	developing Internet standards in which case the procedures for
	copyrights defined in the Internet Standards process must be	copyrights defined in the Internet Standards process must be
	followed, or as required to translate it into.	followed, or as required to translate it into.

	Expiration Date	Expiration Date


	This memo is filed as <draft-ietf-rap-rsvp-authsession-01.txt>, and	This memo is filed as <draft-ietf-rap-rsvp-authsession-02.txt>, and
	expires April 31, 2002.	expires August 31, 2002.

End of changes. 15 change blocks.
	18 lines changed or deleted	18 lines changed or added
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/