idnits 2.17.1 draft-ietf-pana-statemachine-05.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** It looks like you're using RFC 3978 boilerplate. You should update this to the boilerplate described in the IETF Trust License Policy document (see https://trustee.ietf.org/license-info), which is required now. -- Found old boilerplate from RFC 3978, Section 5.1 on line 18. -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on line 1255. -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 1266. -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 1273. -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 1279. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (July 4, 2007) is 6134 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'C' is mentioned on line 1072, but not defined == Missing Reference: 'P' is mentioned on line 1113, but not defined == Missing Reference: 'S' is mentioned on line 997, but not defined == Missing Reference: 'A' is mentioned on line 1082, but not defined == Outdated reference: A later version (-18) exists of draft-ietf-pana-pana-17 -- Possible downref: Normative reference to a draft: ref. 'I-D.ietf-pana-mobopts' Summary: 1 error (**), 0 flaws (~~), 7 warnings (==), 8 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 PANA Working Group V. Fajardo, Ed. 3 Internet-Draft Y. Ohba 4 Expires: January 5, 2008 TARI 5 R. Lopez 6 Univ. of Murcia 7 July 4, 2007 9 State Machines for Protocol for Carrying Authentication for Network 10 Access (PANA) 11 draft-ietf-pana-statemachine-05 13 Status of this Memo 15 By submitting this Internet-Draft, each author represents that any 16 applicable patent or other IPR claims of which he or she is aware 17 have been or will be disclosed, and any of which he or she becomes 18 aware will be disclosed, in accordance with Section 6 of BCP 79. 20 Internet-Drafts are working documents of the Internet Engineering 21 Task Force (IETF), its areas, and its working groups. Note that 22 other groups may also distribute working documents as Internet- 23 Drafts. 25 Internet-Drafts are draft documents valid for a maximum of six months 26 and may be updated, replaced, or obsoleted by other documents at any 27 time. It is inappropriate to use Internet-Drafts as reference 28 material or to cite them other than as "work in progress." 30 The list of current Internet-Drafts can be accessed at 31 http://www.ietf.org/ietf/1id-abstracts.txt. 33 The list of Internet-Draft Shadow Directories can be accessed at 34 http://www.ietf.org/shadow.html. 36 This Internet-Draft will expire on January 5, 2008. 38 Copyright Notice 40 Copyright (C) The IETF Trust (2007). 42 Abstract 44 This document defines the conceptual state machines for the Protocol 45 for Carrying Authentication for Network Access (PANA). The state 46 machines consist of the PANA Client (PaC) state machine and the PANA 47 Authentication Agent (PAA) state machine. The two state machines 48 show how PANA can interface with the EAP state machines. The state 49 machines and associated model are informative only. Implementations 50 may achieve the same results using different methods. 52 Table of Contents 54 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 55 2. Interface Between PANA and EAP . . . . . . . . . . . . . . . . 5 56 3. Document Authority . . . . . . . . . . . . . . . . . . . . . . 7 57 4. Notations . . . . . . . . . . . . . . . . . . . . . . . . . . 8 58 5. Common Rules . . . . . . . . . . . . . . . . . . . . . . . . . 10 59 5.1. Common Procedures . . . . . . . . . . . . . . . . . . . . 10 60 5.2. Common Variables . . . . . . . . . . . . . . . . . . . . . 12 61 5.3. Constants . . . . . . . . . . . . . . . . . . . . . . . . 13 62 5.4. Common Message Initialization Rules . . . . . . . . . . . 14 63 5.5. Common Retransmition Rules . . . . . . . . . . . . . . . . 14 64 5.6. Common State Transitions . . . . . . . . . . . . . . . . . 14 65 6. PaC State Machine . . . . . . . . . . . . . . . . . . . . . . 16 66 6.1. Interface between PaC and EAP Peer . . . . . . . . . . . . 16 67 6.1.1. Delivering EAP Messages from PaC to EAP Peer . . . . . 16 68 6.1.2. Delivering EAP Messages from EAP Peer to PaC . . . . . 16 69 6.1.3. EAP Restart Notification from PaC to EAP Peer . . . . 16 70 6.1.4. EAP Authentication Result Notification from EAP 71 Peer to PaC . . . . . . . . . . . . . . . . . . . . . 17 72 6.1.5. Alternate Failure Notification from PaC to EAP Peer . 17 73 6.2. Constants . . . . . . . . . . . . . . . . . . . . . . . . 17 74 6.3. Variables . . . . . . . . . . . . . . . . . . . . . . . . 17 75 6.4. Procedures . . . . . . . . . . . . . . . . . . . . . . . . 18 76 6.5. PaC State Transition Table . . . . . . . . . . . . . . . . 18 77 7. PAA State Machine . . . . . . . . . . . . . . . . . . . . . . 24 78 7.1. Interface between PAA and EAP Authenticator . . . . . . . 24 79 7.1.1. EAP Restart Notification from PAA to EAP 80 Authenticator . . . . . . . . . . . . . . . . . . . . 24 81 7.1.2. Delivering EAP Responses from PAA to EAP 82 Authenticator . . . . . . . . . . . . . . . . . . . . 24 83 7.1.3. Delivering EAP Messages from EAP Authenticator to 84 PAA . . . . . . . . . . . . . . . . . . . . . . . . . 24 85 7.1.4. EAP Authentication Result Notification from EAP 86 Authenticator to PAA . . . . . . . . . . . . . . . . . 24 87 7.2. Variables . . . . . . . . . . . . . . . . . . . . . . . . 25 88 7.3. Procedures . . . . . . . . . . . . . . . . . . . . . . . . 26 89 7.4. PAA State Transition Table . . . . . . . . . . . . . . . . 26 90 8. Implementation Considerations . . . . . . . . . . . . . . . . 31 91 8.1. PAA and PaC Interface to Service Management Entity . . . . 31 92 9. Security Considerations . . . . . . . . . . . . . . . . . . . 32 93 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 33 94 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 34 95 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 35 96 12.1. Normative References . . . . . . . . . . . . . . . . . . . 35 97 12.2. Informative References . . . . . . . . . . . . . . . . . . 35 98 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 36 99 Intellectual Property and Copyright Statements . . . . . . . . . . 37 101 1. Introduction 103 This document defines the state machines for Protocol Carrying 104 Authentication for Network Access (PANA) [I-D.ietf-pana-pana]. There 105 are state machines for the PANA client (PaC) and for the PANA 106 Authentication Agent (PAA). Each state machine is specified through 107 a set of variables, procedures and a state transition table. 109 A PANA protocol execution consists of several exchanges to carry 110 authentication information. Specifically, EAP PDUs are transported 111 inside PANA PDUs between PaC and PAA, that is PANA represents a lower 112 layer for EAP protocol. Thus, a PANA state machine bases its 113 execution on an EAP state machine execution and vice versa. Thus 114 this document also shows for each of PaC and PAA an interface between 115 an EAP state machine and a PANA state machine and how this interface 116 allows to exchange information between them. Thanks to this 117 interface, a PANA state machine can be informed about several events 118 generated in an EAP state machine and make its execution conditional 119 to its events. 121 The details of EAP state machines are out of the scope of this 122 document. Additional information can be found in [RFC4137]. 123 Nevertheless PANA state machines presented here have been coordinated 124 with state machines shown by [RFC4137]. 126 This document, apart from defining PaC and PAA state machines and 127 their interfaces to EAP state machines (running on top of PANA), 128 provides some implementation considerations, taking into account that 129 it is not a specification but an implementation guideline. 131 2. Interface Between PANA and EAP 133 PANA carries EAP messages exchanged between an EAP peer and an EAP 134 authenticator (see Figure 1). Thus a PANA state machine interacts 135 with an EAP state machine. 137 Two state machines are defined in this document : the PaC state 138 machine (see Section 6) and the PAA state machine (see Section 7). 139 The definition of each state machine consists of a set of variables, 140 procedures and a state transition table. A subset of these variables 141 and procedures defines the interface between a PANA state machine and 142 an EAP state machine and the state transition table defines the PANA 143 state machine behavior based on results obtained through them. 145 On the one hand, the PaC state machine interacts with an EAP peer 146 state machine in order to carry out the PANA protocol on the PaC 147 side. On the other hand, the PAA state machine interacts with an EAP 148 authenticator state machine to run the PANA protocol on the PAA side. 150 Peer |EAP Auth 151 EAP <---------|------------> EAP 152 ^ | | ^ | 153 | | | EAP-Message | | EAP-Message 154 EAP-Message | |EAP-Message | | | 155 | v |PANA | v 156 PaC <---------|------------> PAA 158 Figure 1: Interface between PANA and EAP 160 Thus two interfaces are needed between PANA state machines and EAP 161 state machines, namely: 163 o Interface between the PaC state machine and the EAP peer state 164 machine 166 o Interface between the PAA state machine and the EAP authenticator 167 state machine 169 In general, the PaC and PAA state machines present EAP messages to 170 the EAP peer and authenticator state machines through the interface, 171 respectively. The EAP peer and authenticator state machines process 172 these messages and sends EAP messages through the PaC and PAA state 173 machines that is responsible for actually transmitting this message, 174 respectively. 176 For example, [RFC4137] specifies four interfaces to lower layers: (i) 177 an interface between the EAP peer state machine and a lower layer, 178 (ii) an interface between the EAP standalone authenticator state 179 machine and a lower layer, (iii) an interface between the EAP full 180 authenticator state machine and a lower layer and (iv) an interface 181 between the EAP backend authenticator state machine and a lower 182 layer. In this document, the PANA protocol is the lower layer of EAP 183 and only the first three interfaces are of interest to PANA. The 184 second and third interfaces are the same. In this regard, the EAP 185 standalone authenticator or the EAP full authenticator and its state 186 machine in [RFC4137] are referred to as the EAP authenticator and the 187 EAP authenticator state machine, respectively, in this document. If 188 an EAP peer and an EAP authenticator follow the state machines 189 defined in [RFC4137], the interfaces between PANA and EAP could be 190 based on that document. Detailed definition of interfaces between 191 PANA and EAP are described in the subsequent sections. 193 3. Document Authority 195 When a discrepancy occurs between any part of this document and any 196 of the related documents ([I-D.ietf-pana-pana], 197 [I-D.ietf-pana-mobopts], [RFC4137] the latter (the other documents) 198 are considered authoritative and takes precedence. 200 4. Notations 202 The following state transition tables are completed mostly based on 203 the conventions specified in [RFC4137]. The complete text is 204 described below. 206 State transition tables are used to represent the operation of the 207 protocol by a number of cooperating state machines each comprising a 208 group of connected, mutually exclusive states. Only one state of 209 each machine can be active at any given time. 211 All permissible transitions from a given state to other states and 212 associated actions performed when the transitions occur are 213 represented by using triplets of (exit condition, exit action, exit 214 state). All conditions are expressions that evaluate to TRUE or 215 FALSE; if a condition evaluates to TRUE, then the condition is met. 216 A state "ANY" is a wildcard state that matches the current state in 217 each state machine. The exit conditions of a wildcard state are 218 evaluated after all other exit conditions of specific to the current 219 state are met. 221 On exit from a state, the exit actions defined for the state and the 222 exit condition are executed exactly once, in the order that they 223 appear on the page. (Note that the procedures defined in [RFC4137] 224 are executed on entry to a state, which is one major difference from 225 this document.) Each exit action is deemed to be atomic; i.e., 226 execution of an exit action completes before the next sequential exit 227 action starts to execute. No exit action execute outside of a state 228 block. The exit actions in only one state block execute at a time 229 even if the conditions for execution of state blocks in different 230 state machines are satisfied. All exit actions in an executing state 231 block complete execution before the transition to and execution of 232 any other state blocks. The execution of any state block appears to 233 be atomic with respect to the execution of any other state block and 234 the transition condition to that state from the previous state is 235 TRUE when execution commences. The order of execution of state 236 blocks in different state machines is undefined except as constrained 237 by their transition conditions. A variable that is set to a 238 particular value in a state block retains this value until a 239 subsequent state block executes an exit action that modifies the 240 value. 242 On completion of the transition from the previous state to the 243 current state, all exit conditions occurring during the current state 244 (including exit conditions defined for the wildcard state) are 245 evaluated until an exit condition for that state is met. 247 Any event variable is set to TRUE when the corresponding event occurs 248 and set to FALSE immediately after completion of the action 249 associated with the current state and the event. 251 The interpretation of the special symbols and operators used is 252 defined in [RFC4137]. 254 5. Common Rules 256 There are following procedures, variables, message initializing rules 257 and state transitions that are common to both the PaC and PAA state 258 machines. 260 Throughout this document, the character string "PANA_MESSAGE_NAME" 261 matches any one of the abbreviated PANA message names, i.e., "PCI", 262 "PAR", "PAN", "PTR", "PTA", "PNR", "PNA". 264 5.1. Common Procedures 266 void None() 268 A null procedure, i.e., nothing is done. 270 void Disconnect() 272 A procedure to delete the PANA session as well as the 273 corresponding EAP session and authorization state. 275 boolean Authorize() 277 A procedure to create or modify authorization state. It returns 278 TRUE if authorization is successful. Otherwise, it returns FALSE. 279 It is assumed that Authorize() procedure of PaC state machine 280 always returns TRUE. 282 void Tx:PANA_MESSAGE_NAME[flag](AVPs) 284 A procedure to send a PANA message to its peering PANA entity. 285 The "flag" argment contains a flag (e.g., Tx:PAR[C]) to be set to 286 the message, except for 'R' (Request) flag. The "AVPs" contains a 287 list of names of optional AVPs to be inserted in the message, 288 except for AUTH AVP. 290 This procedure includes the following action before actual 291 transmission: 293 if (flag==S) 294 PANA_MESSAGE_NAME.S_flag=Set; 295 if (flag==C) 296 PANA_MESSAGE_NAME.C_flag=Set; 297 if (flag==A) 298 PANA_MESSAGE_NAME.A_flag=Set; 299 if (flag==P) 300 PANA_MESSAGE_NAME.P_flag=Set; 301 PANA_MESSAGE_NAME.insert_avp(AVPs); 302 if (key_availble()) 303 PANA_MESSAGE_NANE.insert_avp("AUTH"); 305 void TxEAP() 307 A procedure to send an EAP message to the EAP state machine it 308 interfaces to. 310 void RtxTimerStart() 312 A procedure to start the retransmission timer, reset RTX_COUNTER 313 variable to zero and set an appropriate value to RTX_MAX_NUM 314 variable. 316 void RtxTimerStop() 318 A procedure to stop the retransmission timer. 320 void SessionTimerReStart(TIMEOUT) 322 A procedure to (re)start PANA session timer. TIMEOUT specifies 323 the expiration time associated of the session timer. Expiration 324 of TIMEOUT will trigger a SESS_TIMEOUT event. 326 void SessionTimerStop() 328 A procedure to stop the current PANA session timer. 330 void Retransmit() 332 A procedure to retransmit a PANA message and increment RTX_COUNTER 333 by one(1). 335 void EAP_Restart() 337 A procedure to (re)start an EAP conversation resulting in the re- 338 initialization of an existing EAP session. 340 void PANA_MESSAGE_NAME.insert_avp("AVP_NAME1", "AVP_NAME2",...) 342 A procedure to insert AVPs for each specified AVP name in the list 343 of AVP names in the PANA message. When an AVP name ends with "*", 344 zero, one or more AVPs are inserted, otherwise one AVP is 345 inserted. 347 boolean PANA_MESSAGE_NAME.exist_avp("AVP_NAME") 349 A procedure that checks whether an AVP of the specified AVP name 350 exists in the specified PANA message and returns TRUE if the 351 specified AVP is found, otherwise returns FALSE. 353 boolean key_available() 355 A procedure to check whether the PANA session has a PANA_AUTH_KEY. 356 If the state machine already has a PANA_AUTH_KEY, it returns TRUE. 357 If the state machine does not have a PANA_AUTH_KEY, it tries to 358 retrieve a AAA-Key from the EAP entity. If a AAA-Key is 359 retrieved, it computes a PANA_AUTH_KEY from the AAA-Key and 360 returns TRUE. Otherwise, it returns FALSE. 362 5.2. Common Variables 364 PAR.RESULT_CODE 366 This variable contains the Result-Code AVP value in the PANA-Auth- 367 Request message in process. When this variable carries 368 PANA_SUCCESS it is assumed that the PAR message always contains an 369 EAP-Payload AVP which carries an EAP-Success message. 371 NONCE_SENT 373 This variable is set to TRUE to indicate that a Nonce-AVP has 374 already been sent. Otherwise it is set to FALSE. 376 RTX_COUNTER 378 This variable contains the current number of retransmissions of 379 the outstanding PANA message. 381 Rx:PANA_MESSAGE_NAME[flag] 383 This event variable is set to TRUE when the specified PANA message 384 is received from its peering PANA entity. The "flag" contains a 385 flag (e.g., Rx:PAR[C]), except for 'R' (Request) flag. 387 RTX_TIMEOUT 389 This event variable is set to TRUE when the retransmission timer 390 is expired. 392 REAUTH 394 This event variable is set to TRUE when an initiation of re- 395 authentication phase is triggered. 397 TERMINATE 399 This event variable is set to TRUE when initiation of PANA session 400 termination is triggered. 402 PANA_PING 404 This event variable is set to TRUE when initiation of liveness 405 test based on PANA-Notification exchange is triggered. 407 SESS_TIMEOUT 409 This event is variable is set to TRUE when the session timer has 410 expired. 412 LIFETIME_SESS_TIMEOUT 414 Configurable value used by the PaC and PAA to close or disconnect 415 an established session in the access phase. This variable 416 indicates the expiration of the session and is set to the value of 417 Session-Lifetime AVP if present in the last PANA-Auth-Request 418 message in the case of the PaC. Otherwise, it is assumed that the 419 value is infinite and therefore has no expiration. Expiration of 420 LIFETIME_SESS_TIMEOUT will cause the event variable SESS_TIMEOUT 421 to be set. 423 ANY 425 This event variable is set to TRUE when any event occurs. 427 5.3. Constants 429 RTX_MAX_NUM 431 Configurable maximum for how many retransmissions should be 432 attempted before aborting. 434 5.4. Common Message Initialization Rules 436 When a message is prepared for sending, it is initialized as follows: 438 o For a request message, R-flag of the header is set. Otherwise, 439 R-flag is not set. 441 o Other message header flags are not set. They are set explicitly 442 by specific state machine actions. 444 o AVPs that are mandatory included in a message are inserted with 445 appropriate values set. 447 5.5. Common Retransmition Rules 449 The state machines defined in this document assumes that the PaC and 450 the PAA caches the last transmitted answer message. This scheme is 451 described in Sec 5.2 of [I-D.ietf-pana-pana]. When the PaC or PAA 452 receives a re-transmitted or duplicate request, it would be able to 453 re-send the corresponding answer without any aid from the EAP layer. 454 However, to simplify the state machine description, this caching 455 scheme is omitted in the state machines below. In the case that 456 there is not corresponding answer to a re-transmitted request, the 457 request will be handled by the corresponding statemachine. 459 5.6. Common State Transitions 461 The following transitions can occur at any state with exemptions 462 explicitly noted. 464 ---------- 465 State: ANY 466 ---------- 468 Exit Condition Exit Action Exit State 469 ------------------------+--------------------------+------------ 470 - - - - - - - - - - - - - (Re-transmissions)- - - - - - - - - - 471 RTX_TIMEOUT && Retransmit(); (no change) 472 RTX_COUNTER< 473 RTX_MAX_NUM 474 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 475 - - - - - - - (Reach maximum number of transmissions)- - - - - - 476 (RTX_TIMEOUT && Disconnect(); CLOSED 477 RTX_COUNTER>= 478 RTX_MAX_NUM) || 479 SESS_TIMEOUT 480 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 482 ------------------------- 483 State: ANY except INITIAL 484 ------------------------- 486 Exit Condition Exit Action Exit State 487 ------------------------+--------------------------+------------ 488 - - - - - - - - - - (liveness test initiated by peer)- - - - - - 489 Rx:PNR[P] Tx:PNA[P](); (no change) 491 The following transitions can occur on any exit condition within the 492 specified state. 494 ------------- 495 State: CLOSED 496 ------------- 498 Exit Condition Exit Action Exit State 499 ------------------------+--------------------------+------------ 500 - - - - - - - -(Catch all event on closed state) - - - - - - - - 501 ANY None(); CLOSED 502 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 504 6. PaC State Machine 506 6.1. Interface between PaC and EAP Peer 508 This interface defines the interactions between a PaC and an EAP 509 peer. The interface serves as a mechanism to deliver EAP messages 510 for the EAP peer. It allows the EAP peer to receive EAP requests and 511 send EAP responses via the PaC. It also provides a mechanism to 512 notify the EAP peer of PaC events and a mechanism to receive 513 notification of EAP peer events. The EAP message delivery mechanism 514 as well as the event notification mechanism in this interface have 515 direct correlation with the PaC state transition table entries. 516 These message delivery and event notifications mechanisms occur only 517 within the context of their associated states or exit actions. 519 6.1.1. Delivering EAP Messages from PaC to EAP Peer 521 TxEAP() procedure in the PaC state machine serves as the mechanism to 522 deliver EAP messages contained in PANA-Auth-Request messages to the 523 EAP peer. This procedure is enabled only after an EAP restart event 524 is notified to the EAP peer and before any event resulting in a 525 termination of the EAP peer session. In the case where the EAP peer 526 follows the EAP peer state machine defined in [RFC4137], TxEAP() 527 procedure sets eapReq variable of the EAP peer state machine and puts 528 the EAP request in eapReqData variable of the EAP peer state machine. 530 6.1.2. Delivering EAP Messages from EAP Peer to PaC 532 An EAP message is delivered from the EAP peer to the PaC via 533 EAP_RESPONSE event variable. The event variable is set when the EAP 534 peer passes the EAP message to its lower-layer. In the case where 535 the EAP peer follows the EAP peer state machine defined in [RFC4137], 536 EAP_RESPONSE event variable refers to eapResp variable of the EAP 537 peer state machine and the EAP message is contained in eapRespData 538 variable of the EAP peer state machine. 540 6.1.3. EAP Restart Notification from PaC to EAP Peer 542 The EAP peer state machine defined in [RFC4137] has an initialization 543 procedure before receiving an EAP message. To initialize the EAP 544 state machine, the PaC state machine defines an event notification 545 mechanism to send an EAP (re)start event to the EAP peer. The event 546 notification is done via EAP_Restart() procedure in the 547 initialization action of the PaC state machine. 549 6.1.4. EAP Authentication Result Notification from EAP Peer to PaC 551 In order for the EAP peer to notify the PaC of an EAP authentication 552 result, EAP_SUCCESS and EAP_FAILURE event variables are defined. In 553 the case where the EAP peer follows the EAP peer state machine 554 defined in [RFC4137], EAP_SUCCESS and EAP_FAILURE event variables 555 refer to eapSuccess and eapFail variables of the EAP peer state 556 machine, respectively. In this case, if EAP_SUCCESS event variable 557 is set to TRUE and a AAA-Key is generated by the EAP authentication 558 method in use, eapKeyAvailable variable is set to TRUE and eapKeyData 559 variable contains the AAA-Key. Note that EAP_SUCCESS and EAP_FAILURE 560 event variables may be set to TRUE even before the PaC receives a PAR 561 with a 'Complete' flag set from the PAA. 563 6.1.5. Alternate Failure Notification from PaC to EAP Peer 565 alt_reject() procedure in the PaC state machine serves as the 566 mechanism to deliver an authentication failure event to the EAP peer 567 without accompanying an EAP message. In the case where the EAP peer 568 follows the EAP peer state machine defined in [RFC4137], alt_reject() 569 procedure sets altReject variable of the EAP peer state machine. 570 Note that the EAP peer state machine in [RFC4137] also defines 571 altAccept variable, however, it is never used in PANA in which EAP- 572 Success messages are reliably delivered by the last PANA-Auth 573 exchange. 575 6.2. Constants 577 FAILED_SESS_TIMEOUT 579 Configurable value that allows the PaC to determine whether a PaC 580 authentication and authorization phase has stalled without an 581 explicit EAP success or failure notification. 583 6.3. Variables 585 AUTH_USER 587 This event variable is set to TRUE when initiation of EAP-based 588 (re-)authentication is triggered by the application. 590 EAP_SUCCESS 592 This event variable is set to TRUE when the EAP peer determines 593 that EAP conversation completes with success. 595 EAP_FAILURE 597 This event variable is set to TRUE when the EAP peer determines 598 that EAP conversation completes with failure. 600 EAP_RESPONSE 602 This event variable is set to TRUE when the EAP peer delivers an 603 EAP message to the PaC. This event accompanies an EAP message 604 received from the EAP peer. 606 EAP_RESP_TIMEOUT 608 This event variable is set to TRUE when the PaC that has passed an 609 EAP message to the EAP-layer does not receive a subsequent EAP 610 message from the the EAP-layer in a given period. This provides a 611 time limit for certain EAP methods where user interaction maybe 612 required. 614 6.4. Procedures 616 boolean eap_piggyback() 618 This procedures returns TRUE to indicate whether the next EAP 619 response will be carried in the pending PAN message for 620 optimization. 622 void alt_reject() 624 This procedure informs the EAP peer of an authentication failure 625 event without accompanying an EAP message. 627 void EAP_RespTimerStart() 629 A procedure to start a timer to receive an EAP-Response from the 630 EAP peer. 632 void EAP_RespTimerStop() 634 A procedure to stop a timer to receive an EAP-Response from the 635 EAP peer. 637 6.5. PaC State Transition Table 639 ------------------------------ 640 State: INITIAL (Initial State) 641 ------------------------------ 642 Initialization Action: 644 NONCE_SENT=Unset; 645 RTX_COUNTER=0; 646 RtxTimerStop(); 648 Exit Condition Exit Action Exit State 649 ------------------------+--------------------------+----------- 650 - - - - - - - - - - (PaC-initiated Handshake) - - - - - - - - - 651 AUTH_USER Tx:PCI[](); INITIAL 652 RtxTimerStart(); 653 SessionTimerReStart 654 (FAILED_SESS_TIMEOUT); 655 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 657 - - - - - - -(PAA-initiated Handshake, not optimized) - - - - - 658 Rx:PAR[S] && Tx:PAN[S](); WAIT_PAA 659 !PAR.exist_avp EAP_Restart(); 660 ("EAP-Payload") SessionTimerReStart 661 (FAILED_SESS_TIMEOUT); 662 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 664 - - - - - - - -(PAA-initiated Handshake, optimized) - - - - - - 665 Rx:PAR[S] && EAP_Restart(); INITIAL 666 PAR.exist_avp TxEAP(); 667 ("EAP-Payload") && SessionTimerReStart 668 eap_piggyback() (FAILED_SESS_TIMEOUT); 670 Rx:PAR[S] && EAP_Restart(); WAIT_EAP_MSG 671 PAR.exist_avp TxEAP(); 672 ("EAP-Payload") && SessionTimerReStart 673 !eap_piggyback() (FAILED_SESS_TIMEOUT); 674 TxPAN[S](); 676 EAP_RESPONSE Tx:PAN[S]("EAP-Payload"); WAIT_PAA 677 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 679 --------------- 680 State: WAIT_PAA 681 --------------- 683 Exit Condition Exit Action Exit State 684 ------------------------+--------------------------+------------ 685 - - - - - - - - - - - - - - -(PAR-PAN exchange) - - - - - - - - 686 Rx:PAR[] && RtxTimerStop(); WAIT_EAP_MSG 687 !eap_piggyback() TxEAP(); 688 EAP_RespTimerStart(); 689 if (NONCE_SENT==Unset) { 690 NONCE_SENT=Set; 691 Tx:PAN[]("Nonce"); 692 } 693 else 694 Tx:PAN[](); 696 Rx:PAR[] && RtxTimerStop(); WAIT_EAP_MSG 697 eap_piggyback() TxEAP(); 698 EAP_RespTimerStart(); 700 Rx:PAN[] RtxTimerStop(); WAIT_PAA 702 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 703 - - - - - - - - - - - - - - -(PANA result) - - - - - - - - - - 704 Rx:PAR[C] && TxEAP(); WAIT_EAP_RESULT 705 PAR.RESULT_CODE== 706 PANA_SUCCESS 708 Rx:PAR[C] && if (PAR.exist_avp WAIT_EAP_RESULT_ 709 PAR.RESULT_CODE!= ("EAP-Payload")) CLOSE 710 PANA_SUCCESS TxEAP(); 711 else 712 alt_reject(); 713 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 715 ------------------- 716 State: WAIT_EAP_MSG 717 ------------------- 719 Exit Condition Exit Action Exit State 720 ------------------------+--------------------------+------------ 721 - - - - - - - - - - (Return PAN/PAR from EAP) - - - - - - - - - 722 EAP_RESPONSE && EAP_RespTimerStop() WAIT_PAA 723 eap_piggyback() if (NONCE_SENT==Unset) { 724 Tx:PAN[]("EAP-Payload", 725 "Nonce"); 726 NONCE_SENT=Set; 727 } 728 else 729 Tx:PAN[]("EAP-Payload"); 731 EAP_RESPONSE && EAP_RespTimerStop() WAIT_PAA 732 !eap_piggyback() Tx:PAR[]("EAP-Payload"); 733 RtxTimerStart(); 735 EAP_RESP_TIMEOUT && Tx:PAN[](); WAIT_PAA 736 eap_piggyback() 737 EAP_FAILURE SessionTimerStop(); CLOSED 738 Disconnect(); 739 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 741 ---------------------- 742 State: WAIT_EAP_RESULT 743 ---------------------- 745 Exit Condition Exit Action Exit State 746 ------------------------+--------------------------+------------ 747 - - - - - - - - - - - - - (EAP Result) - - - - - - - - - - - - - 748 EAP_SUCCESS if (PAR.exist_avp OPEN 749 ("Key-Id")) 750 Tx:PAN[C]("Key-Id"); 751 else 752 Tx:PAN[C](); 753 Authorize(); 754 SessionTimerReStart 755 (LIFETIME_SESS_TIMEOUT); 757 EAP_FAILURE Tx:PAN[C](); CLOSED 758 SessionTimerStop(); 759 Disconnect(); 760 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 762 ---------------------------- 763 State: WAIT_EAP_RESULT_CLOSE 764 ---------------------------- 766 Exit Condition Exit Action Exit State 767 ------------------------+--------------------------+------------ 768 - - - - - - - - - - - - - (EAP Result) - - - - - - - - - - - - - 769 EAP_SUCCESS || if (EAP_SUCCESS && CLOSED 770 EAP_FAILURE PAR.exist_avp("Key-Id")) 771 Tx:PAN[C]("Key-Id"); 772 else 773 Tx:PAN[C](); 774 SessionTimerStop(); 775 Disconnect(); 776 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 778 ----------- 779 State: OPEN 780 ----------- 782 Exit Condition Exit Action Exit State 783 ------------------------+--------------------------+------------ 784 - - - - - - - - - - (liveness test initiated by PaC)- - - - - - 785 PANA_PING Tx:PNR[P](); WAIT_PNA 786 RtxTimerStart(); 787 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 788 - - - - - - - - - (re-authentication initiated by PaC)- - - - - - 789 REAUTH NONCE_SENT=Unset; WAIT_PNA 790 Tx:PNR[A](); 791 RtxTimerStart(); 792 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 793 - - - - - - - - - (re-authentication initiated by PAA)- - - - - - 794 Rx:PAR[] EAP_RespTimerStart(); WAIT_EAP_MSG 795 TxEAP(); 796 if (!eap_piggyback()) 797 Tx:PAN[]("Nonce"); 798 else 799 NONCE_SENT=Unset; 800 SessionTimerReStart 801 (FAILED_SESS_TIMEOUT); 802 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 803 - - - - - - - -(Session termination initiated by PAA) - - - - - - 804 Rx:PTR[] Tx:PTA[](); CLOSED 805 SessionTimerStop(); 806 Disconnect(); 807 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 808 - - - - - - - -(Session termination initiated by PaC) - - - - - - 809 TERMINATE Tx:PTR[](); SESS_TERM 810 RtxTimerStart(); 811 SessionTimerStop(); 812 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 814 --------------- 815 State: WAIT_PNA 816 --------------- 818 Exit Condition Exit Action Exit State 819 ------------------------+--------------------------+------------ 820 - - - - - - - - -(re-authentication initiated by PaC) - - - - - 821 Rx:PNA[A] RtxTimerStop(); WAIT_PAA 822 SessionTimerReStart 823 (FAILED_SESS_TIMEOUT); 824 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 825 - - - - - - - - -(liveness test initiated by PaC) - - - - - - - 826 Rx:PNA[P] RtxTimerStop(); OPEN 827 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 829 ---------------- 830 State: SESS_TERM 831 ---------------- 832 Exit Condition Exit Action Exit State 833 ------------------------+--------------------------+------------ 834 - - - - - - - -(Session termination initiated by PaC) - - - - - 835 Rx:PTA[] Disconnect(); CLOSED 836 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 838 7. PAA State Machine 840 7.1. Interface between PAA and EAP Authenticator 842 The interface between a PAA and an EAP authenticator provides a 843 mechanism to deliver EAP messages for the EAP authenticator as well 844 as a mechanism to notify the EAP authenticator of PAA events and to 845 receive notification of EAP authenticator events. These message 846 delivery and event notification mechanisms occur only within context 847 of their associated states or exit actions. 849 7.1.1. EAP Restart Notification from PAA to EAP Authenticator 851 An EAP authenticator state machine defined in [RFC4137] has an 852 initialization procedure before sending the first EAP request. To 853 initialize the EAP state machine, the PAA state machine defines an 854 event notification mechanism to send an EAP (re)start event to the 855 EAP peer. The event notification is done via EAP_Restart() procedure 856 in the initialization action of the PAA state machine. 858 7.1.2. Delivering EAP Responses from PAA to EAP Authenticator 860 TxEAP() procedure in the PAA state machine serves as the mechanism to 861 deliver EAP-Responses contained in PANA-Auth-Answer messages to the 862 EAP authenticator. This procedure is enabled only after an EAP 863 restart event is notified to the EAP authenticator and before any 864 event resulting in a termination of the EAP authenticator session. 865 In the case where the EAP authenticator follows the EAP authenticator 866 state machines defined in [RFC4137], TxEAP() procedure sets eapResp 867 variable of the EAP authenticator state machine and puts the EAP 868 response in eapRespData variable of the EAP authenticator state 869 machine. 871 7.1.3. Delivering EAP Messages from EAP Authenticator to PAA 873 An EAP request is delivered from the EAP authenticator to the PAA via 874 EAP_REQUEST event variable. The event variable is set when the EAP 875 authenticator passes the EAP request to its lower-layer. In the case 876 where the EAP authenticator follows the EAP authenticator state 877 machines defined in [RFC4137], EAP_REQUEST event variable refers to 878 eapReq variable of the EAP authenticator state machine and the EAP 879 request is contained in eapReqData variable of the EAP authenticator 880 state machine. 882 7.1.4. EAP Authentication Result Notification from EAP Authenticator to 883 PAA 885 In order for the EAP authenticator to notify the PAA of the EAP 886 authentication result, EAP_SUCCESS, EAP_FAILURE and EAP_TIMEOUT event 887 variables are defined. In the case where the EAP authenticator 888 follows the EAP authenticator state machines defined in [RFC4137], 889 EAP_SUCCESS, EAP_FAILURE and EAP_TIMEOUT event variables refer to 890 eapSuccess, eapFail and eapTimeout variables of the EAP authenticator 891 state machine, respectively. In this case, if EAP_SUCCESS event 892 variable is set to TRUE, an EAP-Success message is contained in 893 eapReqData variable of the EAP authenticator state machine, and 894 additionally, eapKeyAvailable variable is set to TRUE and eapKeyData 895 variable contains a AAA-Key if the AAA-Key is generated as a result 896 of successful authentication by the EAP authentication method in use. 897 Similarly, if EAP_FAILURE event variable is set to TRUE, an EAP- 898 Failure message is contained in eapReqData variable of the EAP 899 authenticator state machine. The PAA uses EAP_SUCCESS, EAP_FAILURE 900 and EAP_TIMEOUT event variables as a trigger to send a PAR message to 901 the PaC. 903 7.2. Variables 905 OPTIMIZED_INIT 907 This variable indicates whether the PAA is able to piggyback an 908 EAP-Request in the initial PANA-Auth-Request. Otherwise it is set 909 to FALSE. 911 PAC_FOUND 913 This variable is set to TRUE as a result of a PAA initiated 914 handshake. 916 REAUTH_TIMEOUT 918 This event variable is set to TRUE to indicate that the PAA 919 initiates a re-authentication with the PaC. The re-authentication 920 timeout should be set to a value less than the session timeout 921 carried in the Session-Lifetime AVP if present. 923 EAP_SUCCESS 925 This event variable is set to TRUE when EAP conversation completes 926 with success. This event accompanies an EAP- Success message 927 passed from the EAP authenticator. 929 EAP_FAILURE 931 This event variable is set to TRUE when EAP conversation completes 932 with failure. This event accompanies an EAP- Failure message 933 passed from the EAP authenticator. 935 EAP_REQUEST 937 This event variable is set to TRUE when the EAP authenticator 938 delivers an EAP Request to the PAA. This event accompanies an 939 EAP-Request message received from the EAP authenticator. 941 EAP_TIMEOUT 943 This event variable is set to TRUE when EAP conversation times out 944 without generating an EAP-Success or an EAP-Failure message. This 945 event does not accompany any EAP message. 947 7.3. Procedures 949 boolean new_key_available() 951 A procedure to check whether the PANA session has a new 952 PANA_AUTH_KEY. If the state machine already have a PANA_AUTH_KEY, 953 it returns FALSE. If the state machine does not have a 954 PANA_AUTH_KEY, it tries to retrieve a AAA-Key from the EAP entity. 955 If a AAA-Key has been retrieved, it computes a PANA_AUTH_KEY from 956 the AAA-Key and returns TRUE. Otherwise, it returns FALSE. 958 7.4. PAA State Transition Table 960 ------------------------------ 961 State: INITIAL (Initial State) 962 ------------------------------ 964 Initialization Action: 966 OPTIMIZED_INIT=Set|Unset; 967 NONCE_SENT=Unset; 968 RTX_COUNTER=0; 969 RtxTimerStop(); 971 Exit Condition Exit Action Exit State 972 ------------------------+--------------------------+------------ 973 - - - - - - - - (PCI and PAA initiated PANA) - - - - - - - - - 974 (Rx:PCI[] || if (OPTIMIZED_INIT == INITIAL 975 PAC_FOUND) Set) { 976 EAP_Restart(); 977 SessionTimerReStart 978 (FAILED_SESS_TIMEOUT); 979 } 980 else 981 Tx:PAR[S](); 983 EAP_REQUEST Tx:PAR[S]("EAP-Payload"); INITIAL 984 RtxTimerStart(); 985 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 987 - - - - - - - - - - - - - - (PAN Handling) - - - - - - - - - - 988 Rx:PAN[S] && if (PAN.exist_avp WAIT_EAP_MSG 989 ((OPTIMIZED_INIT == ("EAP-Payload")) 990 Unset) || TxEAP(); 991 PAN.exist_avp else { 992 ("EAP-Payload")) EAP_Restart(); 993 SessionTimerReStart 994 (FAILED_SESS_TIMEOUT); 995 } 997 Rx:PAN[S] && None(); WAIT_PAN_OR_PAR 998 (OPTIMIZED_INIT == 999 Set) && 1000 ! PAN.exist_avp 1001 ("EAP-Payload") 1003 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1005 ------------------- 1006 State: WAIT_EAP_MSG 1007 ------------------- 1009 Exit Condition Exit Action Exit State 1010 ------------------------+--------------------------+------------ 1011 - - - - - - - - - - - -(Receiving EAP-Request)- - - - - - - - - 1012 EAP_REQUEST if (NONCE_SENT==Unset) { WAIT_PAN_OR_PAR 1013 Tx:PAR[]("Nonce", 1014 "EAP-Payload"); 1015 NONCE_SENT=Set; 1016 } 1017 else 1018 Tx:PAR[]("EAP-Payload"); 1019 RtxTimerStart(); 1020 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1021 - - - - - - - - - - -(Receiving EAP-Success/Failure) - - - - - 1022 EAP_FAILURE PAR.RESULT_CODE = WAIT_FAIL_PAN 1023 PANA_AUTHENTICATION_ 1024 REJECTED; 1025 Tx:PAR[C]("EAP-Payload"); 1026 RtxTimerStart(); 1027 SessionTimerStop(); 1029 EAP_SUCCESS && PAR.RESULT_CODE = WAIT_SUCC_PAN 1030 Authorize() PANA_SUCCESS; 1031 if (new_key_available()) 1032 Tx:PAR[C]("EAP-Payload", 1033 "Key-Id", "Algorithm"); 1034 else 1035 Tx:PAR[C]("EAP-Payload"); 1036 RtxTimerStart(); 1038 EAP_SUCCESS && PAR.RESULT_CODE = WAIT_FAIL_PAN 1039 !Authorize() PANA_AUTHORIZATION_ 1040 REJECTED; 1041 if (new_key_available()) 1042 Tx:PAR[C]("EAP-Payload", 1043 "Key-Id", "Algorithm"); 1044 else 1045 Tx:PAR[C]("EAP-Payload"); 1046 RtxTimerStart(); 1047 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1048 - - - - - (Receiving EAP-Timeout or invalid message) - - - - - 1049 EAP_TIMEOUT SessionTimerStop(); CLOSED 1050 Disconnect(); 1051 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1053 -------------------- 1054 State: WAIT_SUCC_PAN 1055 -------------------- 1057 Event/Condition Action Exit State 1058 ------------------------+--------------------------+------------ 1059 - - - - - - - - - - - - - (PAN Processing)- - - - - - - - - - - 1060 Rx:PAN[C] RtxTimerStop(); OPEN 1061 SessionTimerReStart 1062 (LIFETIME_SESS_TIMEOUT); 1063 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1065 -------------------- 1066 State: WAIT_FAIL_PAN 1067 -------------------- 1069 Exit Condition Exit Action Exit State 1070 ------------------------+--------------------------+------------ 1071 - - - - - - - - - - - - - - (PAN Processing)- - - - - - - - - - 1072 Rx:PAN[C] RtxTimerStop(); CLOSED 1073 Disconnect(); 1074 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1076 ----------- 1077 State: OPEN 1078 ----------- 1079 Event/Condition Action Exit State 1080 ------------------------+--------------------------+------------ 1081 - - - - - - - - (re-authentication initiated by PaC) - - - - - - 1082 Rx:PNR[A] NONCE_SENT=Unset; WAIT_EAP_MSG 1083 EAP_Restart(); 1084 Tx:PNA[A](); 1085 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1086 - - - - - - - - (re-authentication initiated by PAA)- - - - - - 1087 REAUTH || NONCE_SENT=Unset; WAIT_EAP_MSG 1088 REAUTH_TIMEOUT EAP_Restart(); 1090 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1091 - - (liveness test based on PNR-PNA exchange initiated by PAA)- 1092 PANA_PING Tx:PNR[P](); WAIT_PNA_PING 1093 RtxTimerStart(); 1094 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1095 - - - - - - - - (Session termination initated from PAA) - - - - 1096 TERMINATE Tx:PTR[](); SESS_TERM 1097 SessionTimerStop(); 1098 RtxTimerStart(); 1099 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1100 - - - - - - - - (Session termination initated from PaC) - - - - 1101 Rx:PTR[] Tx:PTA[](); CLOSED 1102 SessionTimerStop(); 1103 Disconnect(); 1104 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1106 -------------------- 1107 State: WAIT_PNA_PING 1108 -------------------- 1110 Exit Condition Exit Action Exit State 1111 ------------------------+--------------------------+------------ 1112 - - - - - - - - - - - - - -(PNA processing) - - - - - - - - - - 1113 Rx:PNA[P] RtxTimerStop(); OPEN 1114 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1116 ---------------------- 1117 State: WAIT_PAN_OR_PAR 1118 ---------------------- 1120 Exit Condition Exit Action Exit State 1121 ------------------------+--------------------------+------------ 1122 - - - - - - - - - - - - - (PAR Processing)- - - - - - - - - - - 1123 Rx:PAR[] TxEAP(); WAIT_EAP_MSG 1124 RtxTimerStop(); 1125 Tx:PAN[](); 1126 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1127 - - - - - - (Pass EAP Response to the EAP authenticator)- - - - 1128 Rx:PAN[] && TxEAP(); WAIT_EAP_MSG 1129 PAN.exist_avp RtxTimerStop(); 1130 ("EAP-Payload") 1131 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1132 - - - - - - - - - - (PAN without an EAP response) - - - - - - - 1133 Rx:PAN[] && RtxTimerStop(); WAIT_PAN_OR_PAR 1134 !PAN.exist_avp 1135 ("EAP-Payload") 1136 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1137 - - - - - - - - - - - -(EAP retransmission) - - - - - - - - - - 1138 EAP_REQUEST RtxTimerStop(); WAIT_PAN_OR_PAR 1139 Tx:PAR[]("EAP-Payload"); 1140 RtxTimerStart(); 1141 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1142 - - - - - - - (EAP authentication timeout or failure)- - - - - 1143 EAP_FAILURE || RtxTimerStop(); CLOSED 1144 EAP_TIMEOUT SessionTimerStop(); 1145 Disconnect(); 1146 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1148 ---------------- 1149 State: SESS_TERM 1150 ---------------- 1152 Exit Condition Exit Action Exit State 1153 ------------------------+--------------------------+------------ 1154 - - - - - - - - - - - - - -(PTA processing) - - - - - - - - - - 1155 Rx:PTA[] RtxTimerStop(); CLOSED 1156 Disconnect(); 1157 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1159 8. Implementation Considerations 1161 8.1. PAA and PaC Interface to Service Management Entity 1163 In general, it is assumed in each device that has a PANA protocol 1164 stack that there is a Service Management Entity (SME) that manages 1165 the PANA protocol stack. It is recommended that a generic interface 1166 (i.e., the SME-PANA interface) between the SME and the PANA protocol 1167 stack be provided by the implementation. Especially, common 1168 procedures such as startup, shutdown, re-authenticate signals and 1169 provisions for extracting keying material should be provided by such 1170 an interface. The SME-PANA interface in a PAA device should also 1171 provide a method for communicating filtering parameters to the EP(s). 1172 When cryptographic filtering is used, the filtering parameters 1173 include keying material used for bootstrapping per-packet ciphering. 1174 When a PAA device interacts with the backend authentication server 1175 using a AAA protocol, its SME may also have an interface to the AAA 1176 protocol to obtain authorization parameters such as the authorization 1177 lifetime and additional filtering parameters. 1179 9. Security Considerations 1181 This document's intent is to describe the PANA state machines fully. 1182 To this end, any security concerns with this document are likely a 1183 reflection of security concerns with PANA itself. 1185 10. IANA Considerations 1187 This document has no actions for IANA. 1189 11. Acknowledgments 1191 This work was started from state machines originally made by Dan 1192 Forsberg. 1194 12. References 1196 12.1. Normative References 1198 [I-D.ietf-pana-pana] 1199 Forsberg, D., "Protocol for Carrying Authentication for 1200 Network Access (PANA)", draft-ietf-pana-pana-17 (work in 1201 progress), June 2007. 1203 [I-D.ietf-pana-mobopts] 1204 Forsberg, D., "PANA Mobility Optimizations", 1205 draft-ietf-pana-mobopts-01 (work in progress), 1206 October 2005. 1208 12.2. Informative References 1210 [RFC4137] Vollbrecht, J., Eronen, P., Petroni, N., and Y. Ohba, 1211 "State Machines for Extensible Authentication Protocol 1212 (EAP) Peer and Authenticator", RFC 4137, August 2005. 1214 Authors' Addresses 1216 Victor Fajardo (editor) 1217 Toshiba America Research, Inc. 1218 1 Telcordia Drive 1219 Piscataway, NJ 08854 1220 USA 1222 Phone: +1 732 699 5368 1223 Email: vfajardo@tari.toshiba.com 1225 Yoshihiro Ohba 1226 Toshiba America Research, Inc. 1227 1 Telcordia Drive 1228 Piscataway, NJ 08854 1229 USA 1231 Phone: +1 732 699 5305 1232 Email: yohba@tari.toshiba.com 1234 Rafa Marin Lopez 1235 University of Murcia 1236 30071 Murcia 1237 Spain 1239 Email: rafa@dif.um.es 1241 Full Copyright Statement 1243 Copyright (C) The IETF Trust (2007). 1245 This document is subject to the rights, licenses and restrictions 1246 contained in BCP 78, and except as set forth therein, the authors 1247 retain all their rights. 1249 This document and the information contained herein are provided on an 1250 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS 1251 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND 1252 THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS 1253 OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF 1254 THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED 1255 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 1257 Intellectual Property 1259 The IETF takes no position regarding the validity or scope of any 1260 Intellectual Property Rights or other rights that might be claimed to 1261 pertain to the implementation or use of the technology described in 1262 this document or the extent to which any license under such rights 1263 might or might not be available; nor does it represent that it has 1264 made any independent effort to identify any such rights. Information 1265 on the procedures with respect to rights in RFC documents can be 1266 found in BCP 78 and BCP 79. 1268 Copies of IPR disclosures made to the IETF Secretariat and any 1269 assurances of licenses to be made available, or the result of an 1270 attempt made to obtain a general license or permission for the use of 1271 such proprietary rights by implementers or users of this 1272 specification can be obtained from the IETF on-line IPR repository at 1273 http://www.ietf.org/ipr. 1275 The IETF invites any interested party to bring to its attention any 1276 copyrights, patents or patent applications, or other proprietary 1277 rights that may cover technology that may be required to implement 1278 this standard. Please address the information to the IETF at 1279 ietf-ipr@ietf.org. 1281 Acknowledgment 1283 Funding for the RFC Editor function is provided by the IETF 1284 Administrative Support Activity (IASA).