| < draft-ietf-rap-rsvp-identity-04.txt | draft-ietf-rap-rsvp-identity-05.txt > | |||
|---|---|---|---|---|
| Internet Draft Satyendra Yadav | Internet Draft Satyendra Yadav | |||
| Expiration: December 1999 Raj Yavatkar | Expiration: March 2000 Raj Yavatkar | |||
| File: draft-ietf-rap-rsvp-identity-04.txt Intel | File: draft-ietf-rap-rsvp-identity-05.txt Intel | |||
| Ramesh Pabbati | Ramesh Pabbati | |||
| Peter Ford | Peter Ford | |||
| Tim Moore | Tim Moore | |||
| Microsoft | Microsoft | |||
| Shai Herzog | Shai Herzog | |||
| IPHighway | IPHighway | |||
| Identity Representation for RSVP | Identity Representation for RSVP | |||
| July 1999 | September 1999 | |||
| Status of this Memo | Status of this Memo | |||
| This document is an Internet-Draft and is in full conformance with | This document is an Internet-Draft and is in full conformance with | |||
| all provisions of Section 10 of RFC2026. | all provisions of Section 10 of RFC2026. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF), its areas, and its working groups. Note that | Task Force (IETF), its areas, and its working groups. Note that | |||
| other groups may also distribute working documents as Internet- | other groups may also distribute working documents as Internet- | |||
| Drafts. | Drafts. | |||
| skipping to change at line 612 ¶ | skipping to change at line 612 ¶ | |||
| error values are described in [RFC 2205] and [POL-EXT]. Also PDP | error values are described in [RFC 2205] and [POL-EXT]. Also PDP | |||
| SHOULD supply a policy data object containing the AUTH_DATA Policy | SHOULD supply a policy data object containing the AUTH_DATA Policy | |||
| Element with more details on the Policy Control failures in the | Element with more details on the Policy Control failures in the | |||
| policy error object attribute. The PEP will include this Policy Data | policy error object attribute. The PEP will include this Policy Data | |||
| object in the outgoing RSVP Error message. | object in the outgoing RSVP Error message. | |||
| 9. IANA Considerations | 9. IANA Considerations | |||
| Following the policies outlined in [IANA-CONSIDERATIONS], | Following the policies outlined in [IANA-CONSIDERATIONS], | |||
| authentication attribute types (A-Type)in the range 0-127 are | authentication attribute types (A-Type)in the range 0-127 are | |||
| allocated an IETF Consensus action, A-Type values between 128-255 | allocated through an IETF Consensus action, A-Type values between | |||
| are reserved for Private Use and are not assigned by IANA. | 128-255 are reserved for Private Use and are not assigned by IANA. | |||
| Following the policies outlined in [IANA-CONSIDERATIONS], | Following the policies outlined in [IANA-CONSIDERATIONS], | |||
| POLICY_LOCATOR SubType values in the range 0-127 are allocated an | POLICY_LOCATOR SubType values in the range 0-127 are allocated | |||
| IETF Consensus action, POLICY_LOCATOR SubType values between 128-255 | through an IETF Consensus action, POLICY_LOCATOR SubType values | |||
| are reserved for Private Use and are not assigned by IANA. | between 128-255 are reserved for Private Use and are not assigned by | |||
| IANA. | ||||
| Following the policies outlined in [IANA-CONSIDERATIONS], | Following the policies outlined in [IANA-CONSIDERATIONS], | |||
| CREDENTIAL SubType values in the range 0-127 are allocated an IETF | CREDENTIAL SubType values in the range 0-127 are allocated through | |||
| Consensus action, CREDENTIAL SubType values between 128-255 are | an IETF Consensus action, CREDENTIAL SubType values between 128-255 | |||
| reserved for Private Use and are not assigned by IANA. | are reserved for Private Use and are not assigned by IANA. | |||
| Yadav, et al. 13 | Yadav, et al. 13 | |||
| 10. Security Considerations | 10. Security Considerations | |||
| The purpose of this draft is to describe a mechanism to authenticate | The purpose of this draft is to describe a mechanism to authenticate | |||
| RSVP requests based on user identity in a secure manner. RSVP | RSVP requests based on user identity in a secure manner. RSVP | |||
| INTEGRITY object is used to protect the policy object containing | INTEGRITY object is used to protect the policy object containing | |||
| user identity information from security (replay) attacks. Combining | user identity information from security (replay) attacks. Combining | |||
| the AUTH_DATA policy element and the INTEGRITY object results in a | the AUTH_DATA policy element and the INTEGRITY object results in a | |||
| secure access control that enforces authentication based on both the | secure access control that enforces authentication based on both the | |||
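Review bot: In the three IANA Considerations paragraphs, adding "through" fixes the grammar of "allocated an IETF Consensus action", but each sentence still joins two independent statements with a comma at "action, ... values between 128-255". Splitting each into two sentences (one for the 0-127 range, one for the 128-255 Private Use range) would make the two registration policies unambiguous. The first paragraph also still reads "(A-Type)in the range" with no space after the closing parenthesis in both versions.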
| skipping to change at line 686 ¶ | skipping to change at line 687 ¶ | |||
| [RFC 2205] Braden, R., et. al., "Resource ReSerVation Protocol | [RFC 2205] Braden, R., et. al., "Resource ReSerVation Protocol | |||
| (RSVP) - Version 1 Functional Specification." RFC 2205. | (RSVP) - Version 1 Functional Specification." RFC 2205. | |||
| [RFC 2209] Braden, R., Zhang, L., "Resource ReSerVation Protocol | [RFC 2209] Braden, R., Zhang, L., "Resource ReSerVation Protocol | |||
| (RSVP) - Version 1 Message Processing Rules." RFC 2209. | (RSVP) - Version 1 Message Processing Rules." RFC 2209. | |||
| [UNICODE] The Unicode Consortium, "The Unicode Standard, Version | [UNICODE] The Unicode Consortium, "The Unicode Standard, Version | |||
| 2.0", Addison-Wesley, Reading, MA, 1996. | 2.0", Addison-Wesley, Reading, MA, 1996. | |||
| [X.509] R. Housley, et. al., "Internet X.509 Public Key | [X.509] R. Housley, et. al., "Internet X.509 Public Key | |||
| Infrastructure Certificate and CRL Profile", Internet- | Infrastructure Certificate and CRL Profile", RFC 2459 | |||
| Draft, draft-ietf-pkix-ipki-part1-11.txt, September | ||||
| 1998. | ||||
| [X.509-ITU] ITU-T (formerly CCITT) Information technology - Open | [X.509-ITU] ITU-T (formerly CCITT) Information technology - Open | |||
| Systems Interconnection - The Directory: Authentication | Systems Interconnection - The Directory: Authentication | |||
| Framework Recommendation X.509 ISO/IEC 9594-8 | Framework Recommendation X.509 ISO/IEC 9594-8 | |||
| Yadav, et al. 15 | Yadav, et al. 15 | |||
| 13. Author Information | 13. Author Information | |||
| Satyendra Yadav | Satyendra Yadav | |||
| Intel, JF3-206 | Intel, JF3-206 | |||
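Review bot: The updated [X.509] reference in -05 ends at "RFC 2459" with no closing period, while the neighbouring entries end "RFC 2205." and "RFC 2209." with one. Add the period and, for consistency with the [UNICODE] entry, a publication date. The entry also keeps "et. al." where "et al." is meant, as do the [RFC 2205] entry and the old -04 text.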
| End of changes. 6 change blocks. | ||||
| 14 lines changed or deleted | 13 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/