idnits 2.17.1 draft-ohba-mobopts-mpa-framework-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** It looks like you're using RFC 3978 boilerplate. You should update this to the boilerplate described in the IETF Trust License Policy document (see https://trustee.ietf.org/license-info), which is required now. -- Found old boilerplate from RFC 3978, Section 5.1.a on line 20. -- Found old boilerplate from RFC 3978, Section 5.5 on line 1534. -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 1511. -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 1518. -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 1524. ** The document seems to lack an RFC 3978 Section 5.1 IPR Disclosure Acknowledgement. ** This document has an original RFC 3978 Section 5.4 Copyright Line, instead of the newer IETF Trust Copyright according to RFC 4748. ** This document has an original RFC 3978 Section 5.5 Disclaimer, instead of the newer disclaimer which includes the IETF Trust according to RFC 4748. ** The document uses RFC 3667 boilerplate or RFC 3978-like boilerplate instead of verbatim RFC 3978 boilerplate. After 6 May 2005, submission of drafts without verbatim RFC 3978 boilerplate is not accepted. The following non-3978 patterns matched text found in the document. That text should be removed or replaced: This document is an Internet-Draft and is subject to all provisions of Section 3 of RFC 3667. By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** There are 49 instances of too long lines in the document, the longest one being 12 characters in excess of 72. ** The document seems to lack a both a reference to RFC 2119 and the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. RFC 2119 keyword, line 412: '... protocol MUST be able to derive a k...' RFC 2119 keyword, line 413: '...cation agent and SHOULD be able to pro...' RFC 2119 keyword, line 414: '...hentication protocol SHOULD be able to...' RFC 2119 keyword, line 420: '...d/or network-layer ciphers MAY also be...' RFC 2119 keyword, line 428: '... protocol MUST be protected using a ...' (2 more instances...) Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year == Line 566 has weird spacing: '...andover post-...' -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (February 13, 2005) is 7010 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'RG98' is defined on line 1368, but no explicit reference was found in the text == Unused Reference: 'ITU98' is defined on line 1372, but no explicit reference was found in the text ** Obsolete normative reference: RFC 3344 (Obsoleted by RFC 5944) ** Obsolete normative reference: RFC 3775 (Obsoleted by RFC 6275) == Outdated reference: A later version (-11) exists of draft-ietf-mobileip-lowlatency-handoffs-v4-09 ** Downref: Normative reference to an Experimental draft: draft-ietf-mobileip-lowlatency-handoffs-v4 (ref. 'I-D.ietf-mobileip-lowlatency-handoffs-v4') ** Downref: Normative reference to an Experimental draft: draft-ietf-mipshop-fast-mipv6 (ref. 'I-D.ietf-mipshop-fast-mipv6') ** Downref: Normative reference to an Experimental draft: draft-ietf-seamoby-card-protocol (ref. 'I-D.ietf-seamoby-card-protocol') ** Downref: Normative reference to an Experimental draft: draft-ietf-seamoby-ctp (ref. 'I-D.ietf-seamoby-ctp') == Outdated reference: A later version (-22) exists of draft-ietf-eap-keying-04 == Outdated reference: A later version (-18) exists of draft-ietf-pana-pana-07 -- Possible downref: Non-RFC (?) normative reference: ref. 'RG98' -- Possible downref: Non-RFC (?) normative reference: ref. 'ITU98' -- Possible downref: Non-RFC (?) normative reference: ref. 'ETSI' == Outdated reference: A later version (-08) exists of draft-ietf-mobike-design-01 == Outdated reference: A later version (-10) exists of draft-ietf-hip-base-01 -- Obsolete informational reference (is this intentional?): RFC 2679 (Obsoleted by RFC 7679) -- Obsolete informational reference (is this intentional?): RFC 2680 (Obsoleted by RFC 7680) Summary: 14 errors (**), 0 flaws (~~), 10 warnings (==), 12 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 MOBOPTS Research Group A. Dutta 2 Internet-Draft Telcordia 3 Expires: August 14, 2005 Y. Ohba (Ed.) 4 K. Taniuchi 5 TARI 6 H. Schulzrinne 7 Columbia Univ. 8 February 13, 2005 10 A Framework of Media-Independent Pre-Authentication (MPA) 11 draft-ohba-mobopts-mpa-framework-00 13 Status of this Memo 15 This document is an Internet-Draft and is subject to all provisions 16 of section 3 of RFC 3667. By submitting this Internet-Draft, each 17 author represents that any applicable patent or other IPR claims of 18 which he or she is aware have been or will be disclosed, and any of 19 which he or she become aware will be disclosed, in accordance with 20 RFC 3668. 22 Internet-Drafts are working documents of the Internet Engineering 23 Task Force (IETF), its areas, and its working groups. Note that 24 other groups may also distribute working documents as 25 Internet-Drafts. 27 Internet-Drafts are draft documents valid for a maximum of six months 28 and may be updated, replaced, or obsoleted by other documents at any 29 time. It is inappropriate to use Internet-Drafts as reference 30 material or to cite them other than as "work in progress." 32 The list of current Internet-Drafts can be accessed at 33 http://www.ietf.org/ietf/1id-abstracts.txt. 35 The list of Internet-Draft Shadow Directories can be accessed at 36 http://www.ietf.org/shadow.html. 38 This Internet-Draft will expire on August 14, 2005. 40 Copyright Notice 42 Copyright (C) The Internet Society (2005). 44 Abstract 46 This document describes a framework of Media-independent 47 Pre-Authentication (MPA), a new handover optimization mechanism that 48 has a potential to address issues on existing mobility management 49 protocols and mobility optimization mechanisms. MPA is a 50 mobile-assisted, secure handover optimization scheme that works over 51 any link-layer and with any mobility management protocol. This 52 document also shows an initial implementation of MPA in our testbed 53 and some performance results to show how existing protocols could be 54 leveraged to realize the functionalities of MPA. 56 Table of Contents 58 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 59 1.1 Performance Requirements . . . . . . . . . . . . . . . . . 5 60 2. Existing Work Fast-handover . . . . . . . . . . . . . . . . . 7 61 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 9 62 4. MPA Framework . . . . . . . . . . . . . . . . . . . . . . . . 11 63 4.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . 11 64 4.2 Functional Elements . . . . . . . . . . . . . . . . . . . 12 65 4.3 Basic Communication Flow . . . . . . . . . . . . . . . . . 12 66 5. Detailed Issues . . . . . . . . . . . . . . . . . . . . . . . 17 67 5.1 Discovery . . . . . . . . . . . . . . . . . . . . . . . . 17 68 5.2 Proactive IP address acquisition . . . . . . . . . . . . . 18 69 5.2.1 PANA-assisted proactive IP address acquisition . . . . 19 70 5.2.2 IKEv2-assisted proactive IP address acquisition . . . 19 71 5.2.3 Proactive IP address acquisition using DHCP only . . . 19 72 5.3 Address resolution issues . . . . . . . . . . . . . . . . 20 73 5.3.1 Proactive duplicate address detection . . . . . . . . 20 74 5.3.2 Proactive address resolution update . . . . . . . . . 21 75 5.4 Tunnel management . . . . . . . . . . . . . . . . . . . . 22 76 5.5 Binding Update . . . . . . . . . . . . . . . . . . . . . . 23 77 5.6 Preventing packet loss . . . . . . . . . . . . . . . . . . 23 78 5.7 Link-layer security and mobility . . . . . . . . . . . . . 24 79 5.8 Authentication in initial network attachment . . . . . . . 25 80 6. Initial Implementation and Results . . . . . . . . . . . . . . 26 81 6.1 Network structure . . . . . . . . . . . . . . . . . . . . 26 82 6.2 MPA Scenario . . . . . . . . . . . . . . . . . . . . . . . 27 83 6.3 Non-MPA Scenario . . . . . . . . . . . . . . . . . . . . . 29 84 6.4 The evaluation and the results . . . . . . . . . . . . . . 31 85 6.5 Notes . . . . . . . . . . . . . . . . . . . . . . . . . . 32 86 7. Security Considerations . . . . . . . . . . . . . . . . . . . 33 87 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 34 88 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 35 89 9.1 Normative References . . . . . . . . . . . . . . . . . . . . 35 90 9.2 Informative References . . . . . . . . . . . . . . . . . . . 36 91 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 38 92 Intellectual Property and Copyright Statements . . . . . . . . 39 94 1. Introduction 96 As wireless technologies including cellular and wireless LAN are 97 popularly used, supporting terminal handovers across different types 98 of access networks, such as from a wireless LAN to CDMA or to GPRS is 99 considered as a clear challenge. On the other hand, supporting 100 terminal handovers between access networks of the same type is still 101 more challenging, especially when the handovers are across IP subnets 102 or administrative domains. To address those challenges, it is 103 important to provide terminal mobility that is agnostic to link-layer 104 technologies in an optimized and secure fashion without incurring 105 unreasonable complexity. In this document we discuss terminal 106 mobility that provides seamless handovers with low-latency and 107 low-loss. Seamless handovers are characterized in terms of 108 performance requirements as described in Section 1.1. 110 The basic part of terminal mobility is accomplished by a mobility 111 management protocol that maintains a binding between a locator and an 112 identifier of a mobile terminal, where the binding is referred to as 113 the mobility binding. The locator of the mobile node may dynamically 114 change when there is a movement of the mobile terminal. The movement 115 that causes a change of the locator may occur not only physically but 116 also logically. A mobility management protocol may be defined at any 117 layer. In the rest of this document, the term "mobility management 118 protocol" refers to a mobility management protocol which operates at 119 network layer or higher. 121 There are several mobility management protocols at different layers. 122 Mobile IP [RFC3344] and Mobile IPv6 [RFC3775] are mobility management 123 protocols that operate at network-layer. There are several ongoing 124 activities in the IETF to define mobility management protocols at 125 layers higher than network layer. For example, MOBIKE (IKEv2 126 Mobility and Multihoming) [I-D.ietf-mobike-design] is an extension to 127 IKEv2 that provides the ability to deal with a change of an IP 128 address of an IKEv2 end-point. HIP (the Host Identity Protocol) 129 [I-D.ietf-hip-base] defines a new protocol layer between network 130 layer and transport layer to provide terminal mobility in a way that 131 is transparent to both network layer and transport layer. Also, 132 SIP-Mobility is an extension to SIP to maintain the mobility binding 133 of a SIP user agent [SIPMM]. 135 While mobility management protocols maintain mobility bindings, using 136 them solely in their current form is not sufficient to provide 137 seamless handovers. An additional optimization mechanism that works 138 in the visited network of the mobile terminal to prevent loss of 139 outstanding packets transmitted while updating the mobility binding 140 is needed to achieve seamless handovers. Such a mechanism is 141 referred to as a mobility optimization mechanism. For example, 142 mobility optimization mechanisms 143 [I-D.ietf-mobileip-lowlatency-handoffs-v4] and 144 [I-D.ietf-mipshop-fast-mipv6] are defined for Mobile IPv4 and Mobile 145 IPv6, respectively, by allowing neighboring access routers to 146 communicate to carry information on mobile terminals. There are 147 protocols that are considered as "helpers" of mobility optimization 148 mechanisms. The CARD (Candidate Access Router Discovery Mechanism) 149 protocol [I-D.ietf-seamoby-card-protocol] is designed to discover 150 neighboring access routers. The CTP (Context Transfer Protocol) 151 [I-D.ietf-seamoby-ctp] is designed to carry state that is associated 152 with the services provided for the mobile terminal, or context, among 153 access routers. 155 There are several issues in existing mobility optimization 156 mechanisms. First, existing mobility optimization mechanisms are 157 tightly coupled with specific mobility management protocols. For 158 example, it is not possible to use mobility optimization mechanisms 159 designed for Mobile IPv4 or Mobile IPv6 for MOBIKE. What is strongly 160 desired is a single, unified mobility optimization mechanism that 161 works with any mobility management protocol. Second, there is no 162 existing mobility optimization mechanism that easily supports 163 handovers across administrative domains without assuming a 164 pre-established security association between administrative domains. 165 A mobility optimization mechanism should work across administrative 166 domains in a secure manner only based on a trust relationship between 167 a mobile node and each administrative domain. Third, a mobility 168 optimization mechanism needs to support not only multi-interface 169 terminals where multiple simultaneous connectivity through multiple 170 interfaces can be expected, but also single-interface terminals. 172 This document describes a framework of Media-independent 173 Pre-Authentication (MPA), a new handover optimization mechanism that 174 has a potential to address all those issues. MPA is a 175 mobile-assisted, secure handover optimization scheme that works over 176 any link-layer and with any mobility management protocol including 177 Mobile IPv4, Mobile IPv6, MOBIKE, HIP, SIP mobility, etc. In MPA, 178 the notion of IEEE 802.11i pre-authentication is extended to work at 179 higher layer, with additional mechanisms to perform early acquisition 180 of IP address from a network where the mobile terminal may move as 181 well as proactive handover to the network while the mobile terminal 182 is still attached to the current network. Since this document 183 focuses on the MPA framework, it is left to the future work to choose 184 actual set of protocols for MPA and define detailed operations. 185 Nevertheless, the document also shows an initial implementation of 186 MPA in our testbed and some performance results to show how existing 187 protocols could be leveraged to realize the functionalities of MPA. 189 1.1 Performance Requirements 191 In order to provide desirable quality of service for interactive VoIP 192 and streaming traffic, one needs to limit the value of end-to-end 193 delay, jitter and packet loss to a certain threshold level. ITU-T 194 and ITU-E standards define the acceptable values for these 195 parameters. For example for one-way delay, ITU-T G.114 recommends 196 150 ms as the upper limit for most of the applications, and 400 ms as 197 generally unacceptable delay. One way delay tolerance for video 198 conferencing is in the range of 200 to 300 ms. Also if an 199 out-of-order packet is received after a certain threshold it is 200 considered lost. References [RFC2679], [RFC2680] and 2681 [RFC2681] 201 describe some of the measurement techniques for delay and jitter. 202 Also if an out-of-order packet is received after a certain threshold 203 it is considered lost. 205 An end-to-end delay consists of several components, such as network 206 delay, OS delay, CODEC delay and application delay. Network delay 207 consists of transmission delay, propagation delay, queueing delay in 208 the intermediate routers. Operating System related delay consists of 209 scheduling behavior of the operating system in the sender and 210 receiver. CODEC delay is generally caused due to packetization and 211 depacketization at the sender and receiver end. Application delay is 212 mainly attributed to playout delay that helps compensate the delay 213 variation within a network. End-to-end delay and jitter values can 214 be adjusted using proper value of the playout buffer at the receiver 215 end. In case of interactive VoIP traffic end-to-end delay affects 216 the jitter value and is an important thing to consider. During a 217 mobile's frequent handover, transient traffic cannot reach the mobile 218 and this contributes to the jitter as well. If the end system has a 219 playout buffer, then this jitter is subsumed by the playout buffer 220 delay, but otherwise this adds to the delay for interactive traffic. 221 Packet loss is typically caused by congestion, routing instability, 222 link failure, lossy links such as wireless links. During a mobile's 223 handover a mobile is subjected to packet loss because of its change 224 in attachment to the network. Thus for both streaming traffic and 225 VoIP interactive traffic packet loss will contribute to the service 226 quality of the real-time application. Number of packets lost is 227 proportional to the delay during handover and rate of traffic the 228 mobile is receiving. Lost packets contribute to congestion in case 229 of TCP traffic because of re-transmission, but it does not add to any 230 congestion in case of streaming traffic that is RTP/UDP based. Thus 231 it is essential to reduce the packet loss and effect of handover 232 delay in any mobility management scheme. In Section 2, we describe 233 some of the fast-handover scheme that have tried to reduce the 234 handover. 236 According to ETSI TR 101 [ETSI] a normal voice conversation can 237 tolerate up to 2% packet loss. If a mobile is subjected to frequent 238 handoff during a conversation, each handoff will contribute to packet 239 loss for the period of handoff. Thus maximum loss during a 240 conversation needs to be reduced to a level that is acceptable. 241 There is no clear threshold value for packet loss for streaming 242 application, but it needs to be reduced as much as possible to 243 provide better quality of service to a specific application. 245 2. Existing Work Fast-handover 247 While basic mobility management protocols such as Mobile IP 248 [RFC3344], Mobile IPv6 [RFC3775], SIP-Mobility [SIPMM] offer solution 249 to provide continuity to TCP and RTP traffic, these are not optimized 250 to reduce the handover latency during mobile's frequent movement 251 between subnets and domains. In general these mobility management 252 protocols suffer from handover delays incurred at several layers such 253 as layer 2, layer 3 and application layer for updating the mobile's 254 mobility binding. 256 There have been several optimization techniques that apply to 257 currently mobility management schemes that try to reduce handover 258 delay and packet loss during a mobile's movement between cells, 259 subnet and domain. There are few micro-mobility management schemes 260 [CELLIP], [HAWAII], and intra-domain mobility management schemes such 261 as [IDMP], [I-D.ietf-mobileip-reg-tunnel] that provide fast-handover 262 by limiting the signaling updates within a domain. Fast Mobile IP 263 protocols for IPv4 and IPv6 networks 264 [I-D.ietf-mobileip-lowlatency-handoffs-v4], 265 [I-D.ietf-mipshop-fast-mipv6] provide fast-handover techniques that 266 utilize mobility information made available by the link layer 267 triggers. Yokota et al. [YOKOTA] proposes joint use of access point 268 and dedicated MAC bridge to provide fast-handover without altering 269 MIPv4 specification. [MACD] scheme reduces the delay due to MAC 270 layer handoff by providing a cache-based algorithm. 272 Some of the mobility management schemes use dual interfaces thus 273 providing make-before-break scenario [SUM]. In a make-before-break 274 situation communication usually continues with one interface, when 275 the secondary interface is in the process of getting connected. The 276 IEEE 802.21 working group is discussing these scenarios in details. 277 Providing fast-handover using a single interface needs more careful 278 design techniques than for a client with multiple interfaces. 279 [SIPFAST] provides an optimized handover scheme for SIP-based 280 mobility management, where the transient traffic is forwarded from 281 the old subnet to the new one by using an application layer 282 forwarding scheme. [MITH] provides a fast handover scheme for a 283 single interface case that uses mobile initiated tunneling between 284 the old foreign agent and new foreign agent. [MITH] defines two 285 types of handover schemes such as Pre-MIT and Post-MIT. Our MPA 286 scheme is very similar in nature to MITH's predictive scheme where 287 the mobile communicates with the foreign agent before actually moving 288 to the new network. However the proposed MPA scheme described in 289 this document is not limited to MIP type mobility protocol only and 290 in addition this scheme takes care of movement between domains and 291 performs pre-authentication in addition to proactive handover. Thus 292 the proposed scheme reduces the overall delay to close to link-layer 293 handover delay. 295 3. Terminology 297 Mobility Binding: 299 A binding between a locator and an identifier of a mobile 300 terminal. 302 Mobility Management Protocol (MMP): 304 A protocol that operates at network layer or higher to maintain a 305 binding between a locator and an identifier of a mobile terminal. 307 Binding Update: 309 A procedure to update a mobility binding. 311 Media-independent Pre-Authentication Mobile Node (MN): 313 A mobile terminal of media-independent pre-authentication (MPA) 314 which is a mobile-assisted, secure handover optimization scheme 315 that works over any link-layer and with any mobility management 316 protocol. An MPA mobile node is an IP node. In this document, 317 the term "mobile node" or "MN" without a modifier refers to "MPA 318 mobile node". An MPA mobile node usually has a functionality of a 319 mobile node of a mobility management protocol as well. 321 Candidate Target Network (CTN): 323 A network to which the mobile may move in the near future. 325 Target Network (TN): 327 The network to which the mobile has decided to move. The target 328 network is selected from one or more candidate target network. 330 Proactive Handover Tunnel (PHT): 332 A bidirectional IP tunnel that is established between the MPA 333 mobile node and an access router of the candidate target network. 334 In this document, the term "tunnel" without a modifier refers to 335 "proactive handover tunnel". 337 Point of Attachment (PoA): 339 A link-layer device (e.g., a switch, an access point or a base 340 station, etc.) that functions as a link-layer attachment point for 341 the MPA mobile node to a network. 343 Care-of Address (CoA): 345 An IP address used by a mobility management protocol as a locator 346 of the MPA mobile node. 348 4. MPA Framework 350 4.1 Overview 352 Media-independent Pre-Authentication (MPA) is a mobile-assisted, 353 secure handover optimization scheme that works over any link-layer 354 and with any mobility management protocol. With MPA, a mobile node 355 is not only able to securely obtain an IP address and other 356 configuration parameters from a candidate target network, but also 357 able to send and receive IP packets using the obtained IP address and 358 other configuration parameters, before it attaches to the candidate 359 target network when the candidate target network becomes the target 360 network. This makes it possible for the mobile node to complete the 361 binding update of any mobility management protocol and use the new 362 care-of address before performing a handover at link-layer. 364 This functionality is provided by allowing a mobile node, which has a 365 connectivity to the current network but is not yet attached to a 366 candidate target network, to (i) establish a security association 367 with the candidate target network to secure the subsequent protocol 368 executions, then (ii) securely execute a configuration protocol to 369 obtain an IP address and other configuration parameters from the 370 candidate target network as well as a tunnel management protocol to 371 establish a bidirectional tunnel between the mobile node and an 372 access router of the candidate target network, then (iii) send and 373 receive IP packets, including signaling messages for binding update 374 of a mobility management protocol and data packets transmitted after 375 completion of binding update, over the tunnel using the obtained IP 376 address as the tunnel inner address, and finally (iv) deleting or 377 disabling the tunnel immediately before attaching to the candidate 378 target network when it becomes the target network and then 379 re-assigning the inner address of the deleted or disabled tunnel to 380 its physical interface immediately after the mobile node is attached 381 to the target network through the interface. Instead of deleting or 382 disabling the tunnel before attaching to the the target network, the 383 tunnel may be deleted or disabled immediately after being attached to 384 the target network. 386 Especially, the third procedure makes it possible for the mobile to 387 complete higher-layer handover before starting link-layer handover. 388 This means that the mobile is able to send and receive data packets 389 transmitted after completion of binding update over the tunnel, while 390 it is still able to send and receive data packets transmitted before 391 completion of binding update outside the tunnel. 393 In the above four basic procedures of MPA, the first procedure is 394 referred to as "pre-authentication", the second procedure is referred 395 to as "pre-configuration", the combination of the third and fourth 396 procedures are referred to as "secure proactive handover". The 397 security association established through pre-authentication is 398 referred to as an "MPA-SA". The tunnel established through 399 pre-configuration is referred to as a "proactive handover tunnel". 401 4.2 Functional Elements 403 In the MPA framework, the following functional elements are expected 404 to reside in each candidate target network to communicate with a 405 mobile node: Authentication Agent (AA), Configuration Agent (CA) and 406 Access Router (AR). Some or all of those elements can be placed in a 407 single network device or in separate network devices. 409 An authentication agent is responsible for pre-authentication. An 410 authentication protocol is executed between the mobile node and the 411 authentication agent to establish an MPA-SA. The authentication 412 protocol MUST be able to derive a key between the mobile node and the 413 authentication agent and SHOULD be able to provide mutual 414 authentication. The authentication protocol SHOULD be able to 415 interact with a AAA protocol such as RADIUS and Diameter to carry 416 authentication credentials to an appropriate authentication server in 417 the AAA infrastructure. The derived key is used for further deriving 418 keys used for protecting message exchanges used for pre-configuration 419 and secure proactive handover. Other keys that are used for 420 bootstrapping link-layer and/or network-layer ciphers MAY also be 421 derived from the MPA-SA. A protocol that can carry EAP [RFC3748] 422 would be suitable as an authentication protocol for MPA. 424 A configuration agent is responsible for one part of 425 pre-configuration, namely securely executing a configuration protocol 426 to securely deliver an IP address and other configuration parameters 427 to the mobile node. The signaling messages of the configuration 428 protocol MUST be protected using a key derived from the key 429 corresponding to the MPA-SA. 431 An access router is a router that is responsible for the other part 432 of pre-configuration, i.e., securely executing a tunnel management 433 protocol to establish a proactive handover tunnel to the mobile node, 434 and secure proactive handover using the proactive handover tunnel. 435 The signaling messages of the configuration protocol MUST be 436 protected using a key derived from the key corresponding to the 437 MPA-SA. IP packets transmitted over the proactive handover tunnel 438 SHOULD be protected using a key derived from the key corresponding to 439 the MPA-SA. 441 4.3 Basic Communication Flow 443 Assume that the mobile node is already connected to a point of 444 attachment, say oPoA (old point of attachment), and assigned a 445 care-of address, say oCoA (old care-of address). The communication 446 flow of MPA is described as follows. Throughout the communication 447 flow, data packet loss should not occur except for the period during 448 the switching procedure in Step 5, and it is the responsibility of 449 link-layer handover to minimize packet loss during this period. 451 Step 1 (pre-authentication phase): The mobile node finds a candidate 452 target network through some discovery process and obtains the IP 453 addresses, an authentication agent, a configuration agent and an 454 access router in the candidate target network by some means. The 455 mobile node performs pre-authentication with the authentication 456 agent. If the pre-authentication is successful, an MPA-SA is created 457 between the mobile node and the authentication agent. Two keys are 458 derived from the MPA-SA, namely an MN-CA key and an MN-AR key, which 459 are used to protect subsequent signaling messages of a configuration 460 protocol and a tunnel management protocol, respectively. The MN-CA 461 key and the MN-AR key are then securely delivered to the 462 configuration agent and the access router, respectively. 464 Step 2 (pre-configuration phase): The mobile node realizes that its 465 point of attachment is likely to change from oPoA to a new one, say 466 nPoA (new point of attachment). It then performs pre-configuration, 467 with the configuration agent using the configuration protocol to 468 obtain an IP address, say nCoA (new care-of address), and other 469 configuration parameters from the candidate target network, and with 470 the access router using the tunnel management protocol to establish a 471 proactive handover tunnel. In the tunnel management protocol, the 472 mobile node registers oCoA and nCoA as the tunnel outer address and 473 the tunnel inner address, respectively. The signaling messages of 474 the pre-configuration protocol are protected using the MN-CA key and 475 the MN-AR key. When the configuration and the access router are 476 co-located in the same device, the two protocols may be integrated 477 into a single protocol like IKEv2. After completion of the tunnel 478 establishment, the mobile node is able to communicate using both oCoA 479 and nCoA by the end of Step 4. 481 Step 3 (secure proactive handover main phase): The mobile node 482 determines to switch to the new point of attachment by some means. 483 Before the mobile node switches to the new point of attachment, it 484 starts secure proactive handover by executing binding update of a 485 mobility management protocol and transmitting subsequent data traffic 486 over the tunnel (main phase). 488 Step 4 (secure proactive handover pre-switching phase): The mobile 489 node completes binding update and becomes ready to switch to the new 490 point of attachment point. The mobile may execute the tunnel 491 management protocol to delete or disable the proactive handover 492 tunnel and cache nCoA after deletion or disabling of the tunnel. The 493 decision as to when the mobile node is ready to switch to the new 494 point of attachment depends on handover policy. 496 Step 5 (switching): It is expected that a link-layer handover occurs 497 in this step. 499 Step 6 (secure proactive handover post-switching phase): The mobile 500 node executes the switching procedure. Upon successful completion of 501 the switching procedure, the mobile node immediately restores the 502 cached nCoA and assigns it to the physical interface attached to the 503 new point of attachment. If the proactive handover tunnel was not 504 deleted or disabled in Step 4, the tunnel is deleted or disabled as 505 well. After this, direct transmission of data packets using nCoA is 506 possible without using a proactive handover tunnel. 508 +-----------------------------------+ 509 | Candidate Target Network | 510 | (Future Target Network) | IP address(es) 511 MN oPoA | nPoA AA CA AR | Available for 512 | | | | | | | | Use by MN 513 | | +-----------------------------------+ 514 | | | | | | . 515 +---------------+ | | | | | . 516 |(1) Found a CTN| | | | | | . 517 +---------------+ | | | | | | 518 | Pre-authentication | | | | 519 | [authentication protocol] | | | 520 |<--------+------------->|MN-CA key| | | 521 | | | |-------->|MN-AR key| | 522 +--------------------+ | | |------------------>| | 523 |(2) Increased chance| | | | | | [oCoA] 524 |to switch to the CTN| | | | | | | 525 +--------------------+ | | | | | | 526 | | | | | | | 527 | Pre-configuration | | | | 528 | [configuration protocol to get nCoA] | | 529 |<--------+----------------------->| | | 530 | Pre-configuration | | | | 531 | [tunnel management protocol to establish PHT] V 532 |<--------+--------------------------------->| 533 | | | | | | ^ 534 +-----------------+ | | | | | | 535 |(3) Determined to| | | | | | | 536 |switch to the CTN| | | | | | | 537 +-----------------+ | | | | | | 538 | | | | | | | 539 | Secure proactive handover main phase | | 540 | [execution of binding update of MMP and | | 541 | transmission of data packets through AR | [oCoA, nCoA] 542 | based on nCoA over the PHT] | | | 543 |<<=======+=================================>+--->... | 544 . . . . . . . 545 . . . . . . . 546 . . . . . . . 548 Figure 1: Basic Communication Flow (1/2) 549 | | | | | | | 550 +-----------------+ | | | | | | 551 |(4) Completion | | | | | | | 552 |of MMP BU and | | | | | | | 553 |ready to switch | | | | | | | 554 +-----------------+ | | | | | | 555 | Secure proactive handover pre-switching phase | 556 | [tunnel management protocol to delete PHT] V 557 |<--------+--------------------------------->| 558 +---------------+ | | | | 559 |(5)Switching | | | | | 560 +---------------+ | | | | 561 | | | | | 562 +---------------+ | | | | 563 |(6) Completion | | | | | 564 |of switching | | | | | 565 +---------------+ | | | | 566 o<- Secure proactive handover post-switching phase ^ 567 | [Re-assignment of TIA to the physical I/F] | 568 | | | | | | 569 | Transmission of data packets through AR | [nCoA] 570 | based on nCoA| | | | | 571 |<---------------+---------------------------+-->... | 572 | | | | | . 574 Figure 2: Basic Communication Flow (2/2) 576 5. Detailed Issues 578 In order to provide an optimized handover for a mobile experiencing 579 rapid subnet and domain handover, one needs to look into several 580 issues. These issues include discovery of neighboring networking 581 elements, choosing the right network to connect to based on certain 582 policy, changing the layer 2 point of attachment, obtaining an IP 583 address from a DHCP or PPP server, confirming the uniqueness of the 584 IP address, pre-authenticating with the authentication agent such as 585 AAA server in a specific domain, sending the binding update to the 586 correspondent host and obtaining the redirected streaming traffic to 587 the new point of attachment. We describe these issues in details in 588 the following paragraphs and describe how we have optimized these in 589 case of MPA-based secure proactive handover. 591 5.1 Discovery 593 Discovery of neighboring networking elements such as access points, 594 access routers, authentication servers help expedite the handover 595 process during a mobile's rapid movement between networks. By 596 discovering the network neighborhood with a desired set of 597 coordinates, capabilities and parameters the mobile can perform many 598 of the operation such as pre-authentication, proactive IP address 599 acquisition, proactive address resolution, and binding update while 600 in the previous network. 602 There are several ways a mobile can discover the neighboring 603 networks. The Candidate Access Router Discovery protocol 604 [I-D.ietf-seamoby-card-protocol] helps discover the candidate access 605 routers in the neighboring networks. Given a certain network domain 606 SLP and DNS help provide address of the networking components for a 607 given set of services in the specific domain. In some cases many of 608 the network layer and upper layer parameters may be sent over 609 link-layer management frames such as beacons when the mobile 610 approaches the vicinity of the neighboring networks. IEEE 802.11u is 611 considering issues such as discovering neighborhood using information 612 contained in link-layer. However, if the link-layer management 613 frames are encrypted by some link-layer security mechanism, then the 614 mobile node may not able to obtain the requisite information before 615 establishing link-layer connectivity to the access point. In 616 addition this may add burden to the bandwidth constrained wireless 617 medium. In such cases a higher layer protocol is preferred to obtain 618 the information regarding the neighboring elements. There is some 619 proposal such as [NETDISC] that helps obtain these information about 620 the neighboring networks from a mobility server. When the mobile's 621 movement is imminent, it starts the discovery process by querying a 622 specific server and obtains the required parameters such as the IP 623 address of the access point, its characteristics, routers, SIP 624 servers or authentication servers of the neighboring networks. In 625 the event of multiple networks, it may obtain the required parameters 626 from more than one neighboring networks and keep these in cache. At 627 some point the mobile finds out several candidate target networks out 628 of many probable networks and starts the pre-authentication process 629 by communicating with the required entities in the candidate target 630 networks. 632 5.2 Proactive IP address acquisition 634 In general a mobility management protocol works in conjunction with 635 Foreign Agent or in co-located address mode. Our MPA approach can 636 use both co-located address mode and foreign agent address mode. We 637 discuss here the address assignment component that is used in 638 co-located address mode. There are several ways a mobile node can 639 obtain an IP address and configure itself. Most commonly a mobile 640 can configure itself statically in the absence of any configuring 641 element such as a server or router in the network. The IETF Zeroconf 642 working group defines auto-IP mechanism where a mobile is configured 643 in an ad-hoc manner and picks a unique address from a specified range 644 such as 169.254.x.x. In a LAN environment the mobile can obtain IP 645 address from DHCP servers. In case of IPv6 networks, a mobile has 646 the option of obtaining the IP address using stateless 647 auto-configuration as well. In a wide area networking environment, 648 mobile uses PPP to obtain the IP address by communicating with a NAS. 650 Each of these processes takes of the order of few hundred 651 milliseconds to few seconds depending upon the type of IP address 652 acquisition process and operating system of the clients and servers. 653 Since IP address acquisition is part of the handover process, it adds 654 to the handover delay and thus it is desirable to reduce this timing 655 as much as possible. There are few optimized techniques such as DHCP 656 Rapid Commit [I-D.ietf-dhc-rapid-commit-opt], GPS-coordinate based IP 657 address [GPSIP] available that attempt to reduce the handover time 658 due to IP address acquisition time. However in all these cases the 659 mobile also obtains the IP address after it moves to the new subnet 660 and incurs some delay because of the signaling handshake between the 661 mobile node and the DHCP server. 663 In the following paragraph we describe few ways a mobile node can 664 obtain the IP address proactively from the candidate target network 665 and the associated tunnel setup procedure. These can broadly be 666 defined into three categories such as PANA-assisted proactive IP 667 address acquisition, IKE-assisted proactive IP address acquisition 668 and proactive IP address acquisition using DHCP only. 670 5.2.1 PANA-assisted proactive IP address acquisition 672 In case of PANA-assisted proactive IP address acquisition, the mobile 673 node obtains an IP address proactively from a candidate target 674 network. The mobile node makes use of PANA messages to trigger the 675 address acquisition process on the DHCP relay agent that co-locates 676 with PANA authentication agent in the access router in the candidate 677 target network. Upon receiving a PANA message from the mobile node, 678 the DHCP relay agent performs normal DHCP message exchanges to obtain 679 the IP address from the DHCP server in the candidate target network. 680 This address is piggy-backed in a PANA message and delivered to the 681 client. 683 5.2.2 IKEv2-assisted proactive IP address acquisition 685 IKEv2-assisted proactive IP address acquisition works when an IPsec 686 gateway and a DHCP relay agent are resident within each access router 687 in the candidate target networks. In this case, the IPsec gateway 688 and DHCP relay agent in a candidate target network help the mobile 689 node acquire the IP address from the DHCP server in the candidate 690 target network. The MN-AR key established during the 691 pre-authentication phase is used as the IKEv2 pre-shared secret 692 needed to run IKEv2 between the mobile node and the access router. 693 The IP address from the candidate target network is obtained as part 694 of standard IKEv2 procedure, with using the co-located DHCP relay 695 agent for obtaining the IP address from the DHCP server in the target 696 network using standard DHCP. The obtained IP address is sent back to 697 the client in the IKEv2 Configuration Payload exchange. In this 698 case, IKEv2 is also used as the tunnel management protocol for a 699 proactive handover tunnel (see Section 5.4). 701 5.2.3 Proactive IP address acquisition using DHCP only 703 As another alternative, DHCP may be used for proactively obtaining an 704 IP address from a candidate target network without relying on PANA or 705 IKEv2-based approaches by allowing direct DHCP communication between 706 the mobile node and the DHCP relay or DHCP server in the candidate 707 target network. In this case, the mobile node sends a unicast DHCP 708 message to the DHCP relay agent or DHCP server in the candidate 709 target network requesting an address, with using the address 710 associated with the current physical interface as the source address 711 of the request. 713 When the message is sent to the DHCP relay agent, the DHCP relay 714 agent relays the DHCP messages back and forth between the mobile node 715 and the DHCP server. In the absence of a DHCP relay agent the mobile 716 can also directly communicate with the DHCP server in the target 717 network. The broadcast option in client's unicast DISCOVER message 718 should be set to 0 so that the relay agent or the DHCP server can 719 send back the reply directly to the mobile using the mobile node's 720 source address. 722 In order to prevent malicious nodes from obtaining an IP address from 723 the DHCP server, DHCP authentication should be used or the access 724 router should install a filter to block unicast DHCP message sent to 725 the remote DHCP server from mobile nodes that are not 726 pre-authenticated. When DHCP authentication is used, the DHCP 727 authentication key may be derived from the MPA-SA established between 728 the mobile node and the authentication agent in the candidate target 729 network. 731 The proactively obtained IP address is not assigned to the mobile 732 node's physical interface until the mobile has not moved to the new 733 network. The IP address thus obtained proactively from the target 734 network should not be assigned to the physical interface but rather 735 to a virtual interface of the client. Thus such a proactively 736 acquired IP address via direct DHCP communication between the mobile 737 node and the DHCP relay or the DHCP server in the candidate target 738 network may be carried with additional information that is used to 739 distinguish it from other address assigned to the physical interface. 741 Upon the mobile's entry to the new network, the mobile node can 742 perform DHCP over the physical interface to the new network to get 743 other configuration parameters such as SIP server, DNS server, etc., 744 by using e.g., DHCP INFORM. This should not affect the ongoing 745 communication between the mobile and correspondent host. Also, the 746 mobile node can perform DHCP over the physical interface to the new 747 network to extend the lease of the address that was proactively 748 obtained before entering the new network. 750 In order to maintain the DHCP binding for the mobile node and keep 751 track of the dispensed IP address before and after the secure 752 proactive handover, the same DHCP client identifier needs to be used 753 for the mobile node for both DHCP for proactive IP address 754 acquisition and DHCP performed after the mobile node enters the 755 target network. The DHCP client identifier may be the MAC address of 756 the mobile node or some other identifier. 758 5.3 Address resolution issues 760 5.3.1 Proactive duplicate address detection 762 When the DHCP server dispenses an IP address, it updates its lease 763 table, so that this same address is not given to another client for 764 that specific period of time. At the same time the client also keeps 765 a lease table locally so that it can renew when needed. In some 766 cases where a network consists of both DHCP and non-DHCP enabled 767 clients, there is a probability that another client with the LAN may 768 have been configured with an IP address from the DHCP address pool. 769 In such scenario the server does a duplicate address detection based 770 on ARP (Address Resolution Protocol) or IPv6 Neighbor Discovery 771 before assigning the IP address. This detection procedure may take 772 up to 4 sec to 15 sec [MAGUIRE] and will thus contribute to a larger 773 handover delay. In case of proactive IP address acquisition process, 774 this detection is performed ahead of time and thus does not affect 775 the handover delay at all. By performing the duplicate address 776 detection ahead of time, we reduce the handover delay factor. 778 5.3.2 Proactive address resolution update 780 During the process of pre-configuration, the address resolution 781 mappings needed by the mobile node to communicate with nodes in the 782 target network after attaching to the target network can also be 783 known, where the nodes may be the access router, authentication 784 agent, configuration agent and correspondent node. There are several 785 possible ways of performing such proactive address resolution. 787 o Use an information service mechanism [NETDISC] to resolve the MAC 788 addresses of the nodes. This might require each node in the 789 target network to involve in the information service so that the 790 server of the information service can construct the database of 791 proactive address resolution. 793 o Extend the authentication protocol used for pre-authentication or 794 the configuration protocol used for pre-configuration to support 795 proactive address resolution. For example, if PANA is used as the 796 authentication protocol for pre-authentication, PANA messages may 797 carry AVPs used for proactive address resolution. In this case, 798 the PANA authentication agent in the target network may perform 799 address resolution for on behalf of the mobile node. 801 o One can also make use of DNS to map the MAC address of the 802 specific interface associated with a specific IP address of the 803 network element in the target network. One may define a new DNS 804 resource record (RR) to proactively resolve the MAC addresses of 805 the nodes in the target network. But this approach may have its 806 own limitations since a MAC address is a resource that is bound to 807 an IP address, not directly to a domain name. 809 When the mobile node attaches to the target network, it installs the 810 proactively obtained address resolution mappings without necessarily 811 performing address resolution query for the nodes in the target 812 network. 814 On the other hand, the nodes that reside in the target network and 815 are communicating with the mobile node should also update their 816 address resolution mappings for the mobile node as soon as the mobile 817 node attaches to the target network. The above proactive address 818 resolution methods could also be used for those nodes to proactively 819 resolve the MAC address of the mobile node before the mobile node 820 attaches to the target network. However, this is not useful since 821 the those nodes need to detect the attachment of the mobile node to 822 the target network before adopting the proactively resolved address 823 resolution mapping. A better approach would be integration of 824 attachment detection and address resolution mapping update. This is 825 based on gratuitously performing address resolution [RFC3344], 826 [RFC3775] in which the mobile node sends an ARP Request or an ARP 827 Reply in the case of IPv4 or a Neighbor Advertisement in the case of 828 IPv6 immediately after the mobile node attaches to the new network so 829 that the nodes in the target network can quickly update the address 830 resolution mapping for the mobile node. 832 5.4 Tunnel management 834 After an IP address is proactively acquired from the DHCP server in a 835 candidate target network, a proactive handover tunnel is established 836 between the mobile node and the access router in the candidate target 837 network. The mobile node uses the acquired IP address as the tunnel 838 inner address and most likely it assigns the address to a virtual 839 interface. 841 The proactive handover tunnel is established using a tunnel 842 management protocol. When IKEv2 is used for proactive IP address 843 acquisition, IKEv2 is also used as the tunnel management protocol. 844 Alternatively, when PANA is used for proactive IP address 845 acquisition, PANA may be used as the secure tunnel management 846 protocol. 848 Once the proactive handover tunnel is established between the mobile 849 node and the access router in the candidate target network, the 850 access router also needs to perform proxy address resolution on 851 behalf of the mobile node so that it can capture any packets destined 852 to the mobile node's new address. 854 Since mobile needs to be able to communicate with the correspondent 855 node while in the previous network some or all part of binding update 856 and data from the correspondent node to mobile node need to be sent 857 back to the mobile node over a proactive handover tunnel. When SIP 858 Mobility is used for the mobility management protocol, the new 859 address as the contact address is reported to the correspondent node 860 using SIP Re-INVITE. Once the correspondent node's SIP user agent 861 obtains the new contact address it sends the OK to the new contact 862 address which actually belongs to the target network. The access 863 router in the target network picks up the OK signal as it was 864 directed to the new contact address and tunnels it to the mobile in 865 its previous network. Final ACK message is received from the mobile 866 to the correspondent node. Data from the mobile to the correspondent 867 node may not need to be tunneled in the absence of ingress filtering. 868 After completion of the SIP Re-INVITE signaling handshake, the data 869 from the correspondent node is sent to mobile via the proactive 870 handover tunnel. 872 In order for the traffic to be directed to the mobile node after the 873 mobile node attaches to the target network, the proactive handover 874 tunnel needs to be deleted or disabled. The tunnel management 875 protocol used for establishing the tunnel is used for this purpose. 876 Alternatively, when PANA is used as the authentication protocol the 877 tunnel deletion or disabling at the access router can be triggered by 878 means of PANA update mechanism as soon as the mobile moves to the 879 target network. A link-layer trigger ensures that the mobile node is 880 indeed connected to the target network and can also be used as the 881 trigger to delete or disable the tunnel. 883 5.5 Binding Update 885 There are several kinds of binding update mechanisms for different 886 mobility management schemes. In some cases such as Mobile IPv4 887 without RO binding update is sent to home agent only, binding update 888 is sent both to the home agent and corresponding host in case of 889 Mobile IPv6. In case of SIP-based terminal mobility the mobile sends 890 binding update using Re-INVITE to the correspondent node and REGISTER 891 message to the Registrar. Based on the distance between the mobile 892 and the correspondent node the binding update may contribute to the 893 handover delay. SIP-fast handover [SIPFAST] provides several ways of 894 reducing the handover delay due to binding update. In case of secure 895 proactive handover using SIP-based mobility management we rule out 896 the delay due to binding update completely, as it takes place in the 897 previous network. Thus this scheme looks more attractive when the 898 correspondent node is too far from the communicating mobile node. 900 5.6 Preventing packet loss 902 In MPA case we did not observe any packet loss due to IP address 903 acquisition, secured authentication and binding update. However, 904 there may be some transient packets during link-layer handover and 905 until the traffic to be directed to the mobile node after attaching 906 to the target network. Those transient packets can be lost. 907 Bicasting or buffering the transient packets at the access router can 908 be used to minimize or eliminate packet loss. However, bicasting 909 does not eliminate packet loss if link-layer handover is not 910 seamlessly performed. On the other hand, buffering does not reduce 911 packet delay. While packet delay can be compensated by playout 912 buffer at the receiver side for streaming application, playout buffer 913 does not help much for interactive VoIP application which cannot 914 tolerate for large delay jitters. Thus it is still important to 915 optimize the link-layer handover anyway. 917 5.7 Link-layer security and mobility 919 Using the MPA-SA established between the mobile node and the 920 authentication agent in a candidate target network, during the 921 pre-authentication phase, it is possible to bootstrap link-layer 922 security in the candidate target network while the mobile node is in 923 the current network in the following way. 925 (1) The authentication agent in the candidate target network and the 926 mobile node derives a PMK (Pair-wise Master Key) 927 [I-D.ietf-eap-keying] using the MPA-SA that is established as a 928 result of successful pre-authentication. Executions of EAP and an 929 AAA protocol may be involved during pre-authentication to establish 930 the MPA-SA. From the PMK, distinct TSKs (Transient Session Keys) 931 [I-D.ietf-eap-keying] for the mobile node are directly or indirectly 932 derived for each point of attachment of the candidate target network. 934 (2) The authentication agent may install the keys derived from the 935 PMK and used for secure association to points of attachment. The 936 derived keys may be TSKs or intermediary keys from which TSKs are 937 derived. 939 (3) After the mobile node chooses the candidate target network as the 940 target network and switches to a point of attachment in the target 941 network (which now becomes the new network for the mobile node), it 942 executes a secure association protocol such as IEEE 802.11i 4-way 943 handshake [802.11i] using the PMK in order to establish PTKs 944 (Pair-wise Transient Keys) and GTKs (Group Transient Keys) 945 [I-D.ietf-eap-keying] used for protecting link-layer packets between 946 the mobile node and the point of attachment. No additional execution 947 of EAP authentication is needed here. 949 (4) While the mobile node is roaming in the new network, the mobile 950 node only needs to perform a secure association protocol with its 951 point of attachment point and no additional execution of EAP 952 authentication is needed either. Integration of MPA with link-layer 953 handover optimization mechanisms such as 802.11r can be archived this 954 way. 956 The mobile node may need to know the link-layer identities of the 957 point of attachments in the candidate target network to derive TSKs. 959 If PANA is used as the authentication protocol for 960 pre-authentication, this is possible by carrying Device-Id AVPs in 961 the PANA-Bind-Request message sent from the PAA [I-D.ietf-pana-pana], 962 with each AVP containing the BSSID of a distinct access point. 964 _________________ ____________________________ 965 | Current Network | | CTN | 966 | ____ | | ____ | 967 | | | (1) pre-authentication | | | 968 | | MN |<------------------------------->| AA | | 969 | |____| | | |____| | 970 | . | | | | 971 | . | | | | 972 |____.____________| | | | 973 .movement | |(2) Keys | 974 ____.___________________| | | 975 | _v__ _____ | | 976 | | |(3) secure assoc. | | | | 977 | | MN |<------------------>| AP1 |<-------+ | 978 | |____| |_____| | | 979 | . | | 980 | .movement | | 981 | . | | 982 | . | | 983 | _v__ _____ | | 984 | | |(4) secure assoc. | | | | 985 | | MN |<------------------>| AP2 |<-------+ | 986 | |____| |_____| | 987 |_____________________________________________________| 989 Figure 3: Bootstrapping Link-layer Security 991 5.8 Authentication in initial network attachment 993 When the mobile node initially attaches to a network, network access 994 authentication would occur regardless of the use of MPA. The 995 protocol used for network access authentication when MPA is used for 996 handover optimization can be a link-layer network access 997 authentication protocol such as IEEE 802.1X or a higher-layer network 998 access authentication protocol such as PANA. 1000 6. Initial Implementation and Results 1002 We describe a specific scenario where we evaluate both MPA and 1003 non-MPA based approaches. This section describes details of one of 1004 the specific implementation for MPA and non-MPA. In addition to 1005 implementation details, this section also provides the evaluation 1006 results of optimized hand-off with MPA and compares it with 1007 non-MPA-based handover. 1009 6.1 Network structure 1011 The experiment network structure is shown in Figure 4. 1013 Network 1 Network 2 Network 3 1014 (oPoA) (nPoA) 1015 +--------+ +------------+ 1016 |Router 1|---------|Router 2(RA)|---------+ 1017 +---+----+ |PAA(AA) | | 1018 | |DHCP Relay | | 1019 | +--------+ |Agent (CA) | | +------------+ 1020 |-|DHCP | +------------+ | |CN | 1021 | |Server 1| | +------------+ |-|SIP-M Client| 1022 | +--------+ |-|DHCP | | +------------+ 1023 | | |Server 2 | 1024 | | +------------+ | 1025 | | | 1026 | +-----+ | +-----+ | 1027 |-|AP 1 | |-|AP 2 | | 1028 +-----+ +-----+ 1029 : : 1030 : : 1031 +------------+ +------------+ 1032 |MN |---->|MN | 1033 |SIP-M Client| |SIP-M Client| 1034 |PaC | |PaC | 1035 +------------+ +------------+ 1037 Figure 4: Network Structure 1039 There are three networks defined in the implementation environment. 1040 Network 1 is old point of attachment (oPoA), Network 2 is new point 1041 of attachment (nPoA), and network 3 is where the correspondent node 1042 (CN) resides. The mobile is initially in Network 1 and starts 1043 communicating with the correspondent node. Network 1, network 2, and 1044 network 3 do not need to be adjacent. In the implementation scenario 1045 however, network 1, network 2 and network 3 are one hop away. In the 1046 event of mobile's movement, a specific Mobility Management Protocol 1047 (MMP) can take care of continuity of streaming traffic set up by the 1048 peer-to-peer application. 1050 Network 1 consists of DHCP Server 1, access point (AP) 1 and Access 1051 Router 1. Network 2 consists a DHCP Server 2, AP 2 and Access Router 1052 2. AP 1 and AP 2 are 802.11 wireless LAN access points. Router 2 1053 also works as a PANA Authentication Agent (PAA) [I-D.ietf-pana-pana] 1054 and a DHCP Relay Agent [RFC3046] for Network 2, but they can be 1055 separated. DHCP relay-agent also acts like a Configuration Agent 1056 (CA) that helps obtain the IP address for the mobile proactively from 1057 the neighboring target network. Network 3 consists of a 1058 Correspondent Node (CN) that communicates with the mobile node in 1059 Network 1. Both the correspondent node and mobile node are equipped 1060 with mobility enabled SIP client. Mobile SIP client is also equipped 1061 with PANA Client (PaC). In this specific case SIP proxies are not 1062 involved to set up the initial communication between the 1063 correspondent node and mobile node. Mobile Node (MN) uses 802.11 1064 wireless LAN as the access method and can communicate via AP 1 before 1065 it moves to Network 2 where it communicates via AP 2. In this 1066 specific case, the Mobility Management Protocol (MMP) is SIP Mobility 1067 (SIP-M), configuration protocol is DHCP, authentication agent (AA) is 1068 PAA, configuration agent (CA) is DHCP Relay Agent and Access Router 1069 (AR) is Router 2 that can provide IP-in-IP tunneling [RFC1853] 1070 management functions. The MN is also equipped with IP-in-IP 1071 tunneling management function. Thus the mobile has the ability to 1072 set up a tunnel interface and detunnel the packets sent over the 1073 tunnel between the router 2 and the mobile. In this specific case, 1074 we have used IPv4, although one can as well use mobility management 1075 for IPv6 such as MIPv6 or SIP mobility over IPv6. 1077 6.2 MPA Scenario 1079 The communication flow for MPA in our implementation environment is 1080 described below and in Figure 5 1082 Step 0: As the MN bootstraps it associates with AP 1 and obtains the 1083 IP address old Care of Address (oCoA) from the DHCP Server 1 in 1084 network 1. The MN's SIP user agent communicates with CN's SIP user 1085 agent. After a successful connection setup between the mobile and 1086 correspondent node, a voice traffic flows between the MN and the CN. 1087 This voice traffic is carried over RTP/UDP. We have used RAT (Robust 1088 Audio Tool) as the media agent. 1090 In Step 1 (pre-authentication phase), there are some triggers to Step 1091 1 such as AP 1's link level going down because of MN's movement. MN 1092 prepares to start the handover process and obtains the information 1093 about the required elements of the target network from an information 1094 server. Then the MN performs pre-authentication with PAA and derives 1095 the MN-CA key and MN-AR key from the MPA-SA if the pre-authentication 1096 is successful. 1098 In Step 2 (pre-configuration phase), the MN performs 1099 pre-configuration by communicating with DHCP Proxy to obtain IP 1100 address and so forth. DHCP proxy and Authentication Agent (AA) are 1101 co-located in this case. This IP address is the new Care of Address 1102 (nCoA) the mobile would have obtained after moving to the new 1103 network. DHCP Proxy gets the IP address from DHCP Server 2. The new 1104 IP address of the mobile is relayed back to the mobile as part of its 1105 pre-authentication process. After the MN gets the new IP address 1106 (nCoA), an IP-in-IP tunnel is created between Router 2 and the 1107 mobile. 1109 At this point the behavior of the MN and Router 2 is basically 1110 followed by [RFC1853] and the signals are cryptographically protected 1111 by using the MN-CA key. 1113 In Step 3 (secure proactive handover main phase), once the mobile is 1114 configured with the new IP address (nCoA) on its virtual interface 1115 and a tunnel is set up between the mobile and R2, the MN sends SIP 1116 Re-invite with nCoA as its contact address to the CN. All the SIP 1117 Re-invite signaling are carried over the tunnel and so as the new RTP 1118 stream. Thus mobile receives the traffic in the old network even if 1119 the CN sends traffic to nCoA. 1121 Steps 4, 5 and 6 (secure proactive handover pre-switching phase, 1122 switching and secure proactive handover post-switching phase): As the 1123 mobile detects the new point of attachment and makes a decision to 1124 switch over to the new network it associates with AP 2. At this 1125 point the mobile configures itself by assigning the nCoA to its 1126 physical interface and updates the default router from the local 1127 cache that is stored during the pre-configuration phase in network 1. 1128 The MN sends a PANA-Update-Request message to the access router R2. 1129 This update message deletes the tunnel on the router R2 and deletes 1130 the tunnel locally on the mobile. Mobile's ARP entry with nCoA is 1131 also updated in the router R2 during the secure proactive handover 1132 thus reducing the delay due to ARP process that usually happens when 1133 a new node comes to a network. 1135 Router 2 (RA) 1136 PAA (AA) 1137 DHCP DHCP Relay DHCP 1138 MN AP1 Server 1 AP2 Agent Server 2 CN 1139 |L2 Association| | | | | | 1140 |<- - - - - - >| | | | | | 1141 | oCoA assignment | | | | | 1142 |<------------------->| | | | | 1143 | SIP and voice communication start | | | 1144 |<----------------------------------------------------------->| 1145 | Step 1 Pre authentication with PAA | | | 1146 |<-------------------------------------->| | | 1147 | Step 2 Pre configuration with DHCP RA | | | 1148 |<-------------------------------------->| | | 1149 | | | | |DHCP Relay | | 1150 | | | | |<--------->| | 1151 | nCoA assignment | | | | | 1152 |<-------------------------------------->| | | 1153 |IP in IP tunnel is established with Router 2 | | 1154 |<-------------------------------------->| | | 1155 | Step 3 SIP Re-invite | | | | 1156 |<======================================>|<------------------>| 1157 |Voice traffic goes through IP in IP tunnel | | 1158 |<======================================>|<------------------>| 1159 | Step 4 Deletion of the tunnel | | | 1160 |<-------------------------------------->| | | 1161 X Step 5 Association with AP 2| | | | 1162 X<- - - - - - - - - - - - - - >| | | | 1163 X Voice traffic goes to nCoA | | | | 1164 |<----------------------------------------------------------->| 1166 <- - - - ->802.11 frame 1167 <--------->IP packet 1168 <=========>IP in IP tunneling packet 1169 X Voice Packet loss is happened. 1171 Figure 5: MPA Communication Flow in the implementation environment 1173 6.3 Non-MPA Scenario 1175 For the comparison purposes, non-MPA scenario is also experimented 1176 and is described here. Non-MPA scenario does not provide any 1177 proactive handover mechanism as such but follows standard handover 1178 procedure. 1180 Following are the steps of non-MPA scenario in a likely similar 1181 situation. 1183 There is no proactive handover involved in this case. Steps involved 1184 as part of initial communication setup while the mobile is in network 1185 1 remain same as that of MPA part. Based on some policy decision 1186 such as signal-to-noise ratio, the mobile decides to switch to the 1187 new network. 1189 In first step, the MN associates with AP 2 and obtains new IP address 1190 from DHCP Server 2, then assigns the IP address to the network 1191 interface. 1193 In second step, the MN authenticates to the PAA. No data can flow 1194 through router R2, until the mobile successfully authenticates to the 1195 PAA. This adds the delay for post-authentication. 1197 In third step, the MN sends SIP Re-invite with the new IP address 1198 obtained from the DHCP server in the new network, then the voice 1199 traffic is destined to the new IP address. This binding update can 1200 taken potentially a lot of time if the mobile's target network and 1201 the correspondent node are far apart. 1203 Router 2(RA) 1204 PAA(AA) 1205 DHCP DHCP Relay DHCP 1206 MN AP1 Server 1 AP2 Agent Server 2 CN 1207 |L2 Association| | | | | | 1208 |<- - - - - - >| | | | | | 1209 | IP address assignment | | | | 1210 |<------------------->| | | | | 1211 | SIP and voice communication start | | | 1212 |<----------------------------------------------------------->| 1213 | Association with AP 2 | | | | 1214 X<- - - - - - - - - - - - - - >| | | | 1215 X new IP address assignment | | | | 1216 X<-------------------------------------------------->| | 1217 X Authentication with PAA | | | | 1218 X<-------------------------------------->| | | 1219 X SIP Re-invite | | | | 1220 X<----------------------------------------------------------->| 1221 X Voice traffic goes to new IP address | | | 1222 |<----------------------------------------------------------->| 1224 <- - - - ->802.11 frame 1225 <--------->IP packet 1226 X Voice Packet loss is happened. 1228 Figure 6: Communication Flow for Non-MPA in the implementation 1229 environment 1231 6.4 The evaluation and the results 1233 In case of MPA scenario, there is no packet loss during 1234 pre-authentication, and secure proactive handover before link-layer 1235 handover takes place when the mobile moves to the new network. Delay 1236 and associated packet loss are observed due to link-layer handover 1237 delay and tunnel deletion mechanism during the handover. This 1238 handover delay is limited to 170 ms including the link-layer delay. 1239 This amounts to 6 RTP packets being lost because of these processes. 1240 Note that in the measurement the RTP packets were not spaced equally 1241 with 20 ms intervals even at the sending side. Optimizing link-layer 1242 delay using a scheme such as [MACD] will reduce the total packets 1243 lost further. It is important to note that the scheme described in 1244 [MACD] has been experimented with HOSTAP driver only. We are also 1245 implementing other methods as described in Section 5 to optimize the 1246 handoff procedure further. It is also noted that the end-host 1247 processing contributes to the handoff delay as well for things such 1248 as tunnel deletion. Thus any system optimization techniques can also 1249 help reduce the handoff delay. 1251 In case of non-MPA scenario, handover delay and attributed packet 1252 loss take place because of L2 handover during the movement, IP 1253 address assignment, post-authentication, and mobility binding update. 1254 Especially DHCP takes long time to complete the detection of 1255 duplicate of IP address in the network and binding update can take a 1256 long time if the correspondent node is too far from the mobile node. 1257 In our testbed non-MPA-based handover took up to 4 seconds delay due 1258 to all the above factors. Based on type of streaming traffic that 1259 was sent once in every 20 ms using RAT approximately 200 packets were 1260 lost. 1262 6.5 Notes 1264 In this example network, a portion of function is omitted such as 1265 pre-authorization process, but it can be implemented to the network 1266 and it's not critical section for the handover. 1268 In this example network, candidate protocols can always be replaced 1269 by the other protocols, for example, Mobility management protocol can 1270 be replaced by Mobile IPv4 or Mobile IPv6. In that case, Home Agent 1271 could be in Network 3, similarly the tunnel management protocol can 1272 always be replaced by IKEv2 and IPsec tunnel mode. It is normal to 1273 assume that the performance values will be different based on the 1274 type of candidate protocols used. We also found that L2 delay can 1275 vary based on the drivers and operating system used. We can provide 1276 some examples of L2 delays here. For example Cisco Aironet 350 takes 1277 almost 200-300 ms under linux operating system. Orinoco and Dlink 1278 (Hostap) drivers take around 100-160 ms and 400-600 ms respectively 1279 under Linux operating system but Orinoco with Windows takes about 250 1280 ms. Where as Hostap driver with managed mode takes about 30 ms 1281 handoff time which is comparable to that obtained by [MACD]. 1283 7. Security Considerations 1285 This document describes a framework of a secure handover optimization 1286 mechanism based on performing handover-related signaling between a 1287 mobile node and one or more candidate target networks to which the 1288 mobile node may move in the future. This framework involves 1289 acquisition of the resources from the candidate target networks as 1290 well as data packet redirection from the candidate target networks to 1291 the mobile node in the current network before the mobile node 1292 physically connects to one of those candidate target networks. 1294 Acquisition of the resources from the candidate target networks must 1295 accompany with appropriate authentication and authorization 1296 procedures in order to prevent unauthorized mobile node from 1297 obtaining the resources. For this reason, it is important for the 1298 MPA framework to perform pre-authentication between the mobile node 1299 and the candidate target networks. The MN-CA key and the MN-AR key 1300 generated as a result of successful pre-authentication can protect 1301 subsequent handover signaling packets and data packets exchanged 1302 between the mobile node and the MPA functional elements in the 1303 candidate target networks. 1305 The MPA framework also addresses security issues when the handover is 1306 performed across multiple administrative domains. With MPA, it is 1307 possible for handover signaling to be performed based on direct 1308 communication between the mobile node and routers or mobility agents 1309 in the candidate target networks. This eliminates the need for a 1310 context transfer protocol for which known limitations exist in terms 1311 of security [I-D.ietf-eap-keying]. For this reason, the MPA 1312 framework does not require trust relationship among administrative 1313 domains or access routers, which makes thke framework more deployable 1314 in the Internet without compromising the security in mobile 1315 environments. 1317 8. Acknowledgments 1319 We would like to thank Farooq Anjum and Raziq Yakub for their review 1320 of this document, Victor Fajardo, Kensaku Fujimoto and Provin Gurung 1321 for MPA prototype implementation support, and Subir Das for 1322 standardization support in the IEEE 802.21 WG. 1324 9. References 1326 9.1 Normative References 1328 [RFC3344] Perkins, C., "IP Mobility Support for IPv4", RFC 3344, 1329 August 2002. 1331 [RFC3748] Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J. and H. 1332 Levkowetz, "Extensible Authentication Protocol (EAP)", RFC 1333 3748, June 2004. 1335 [RFC3775] Johnson, D., Perkins, C. and J. Arkko, "Mobility Support 1336 in IPv6", RFC 3775, June 2004. 1338 [I-D.ietf-mobileip-lowlatency-handoffs-v4] 1339 Malki, K., "Low latency Handoffs in Mobile IPv4", 1340 draft-ietf-mobileip-lowlatency-handoffs-v4-09 (work in 1341 progress), June 2004. 1343 [I-D.ietf-mipshop-fast-mipv6] 1344 Koodli, R., "Fast Handovers for Mobile IPv6", 1345 draft-ietf-mipshop-fast-mipv6-03 (work in progress), 1346 October 2004. 1348 [I-D.ietf-seamoby-card-protocol] 1349 Liebsch, M., "Candidate Access Router Discovery", 1350 draft-ietf-seamoby-card-protocol-08 (work in progress), 1351 September 2004. 1353 [I-D.ietf-seamoby-ctp] 1354 Loughney, J., "Context Transfer Protocol", 1355 draft-ietf-seamoby-ctp-11 (work in progress), August 2004. 1357 [I-D.ietf-eap-keying] 1358 Aboba, B., "Extensible Authentication Protocol (EAP) Key 1359 Management Framework", draft-ietf-eap-keying-04 (work in 1360 progress), November 2004. 1362 [I-D.ietf-pana-pana] 1363 Forsberg, D., Ohba, Y., Patil, B., Tschofenig, H. and A. 1364 Yegin, "Protocol for Carrying Authentication for Network 1365 Access (PANA)", draft-ietf-pana-pana-07 (work in 1366 progress), December 2004. 1368 [RG98] ITU-T, "General Characteristics of International Telephone 1369 Connections and International Telephone Circuits: One-Way 1370 Transmission Time", ITU-T Recommendation G.114 1998. 1372 [ITU98] ITU-T, "The E-Model, a computational model for use in 1373 transmission planning", ITU-T Recommendation G.107 1998. 1375 [ETSI] ETSI, "Telecommunications and Internet Protocol 1376 Harmonization Over Networks (TIPHON) Release 3: End-to-end 1377 Quality of Service in TIPHON systems; Part 1: General 1378 aspects of Quality of Service.", ETSI TR 101 329-6 V2.1.1. 1380 9.2 Informative References 1382 [I-D.ietf-mobike-design] 1383 Kivinen, T. and H. Tschofenig, "Design of the MOBIKE 1384 protocol", draft-ietf-mobike-design-01 (work in progress), 1385 January 2005. 1387 [I-D.ietf-hip-base] 1388 Moskowitz, R., "Host Identity Protocol", 1389 draft-ietf-hip-base-01 (work in progress), October 2004. 1391 [RFC2679] Almes, G., Kalidindi, S. and M. Zekauskas, "A One-way 1392 Delay Metric for IPPM", RFC 2679, September 1999. 1394 [RFC2680] Almes, G., Kalidindi, S. and M. Zekauskas, "A One-way 1395 Packet Loss Metric for IPPM", RFC 2680, September 1999. 1397 [RFC2681] Almes, G., Kalidindi, S. and M. Zekauskas, "A Round-trip 1398 Delay Metric for IPPM", RFC 2681, September 1999. 1400 [RFC1853] Simpson, W., "IP in IP Tunneling", RFC 1853, October 1995. 1402 [RFC3046] Patrick, M., "DHCP Relay Agent Information Option", RFC 1403 3046, January 2001. 1405 [I-D.ietf-dhc-rapid-commit-opt] 1406 Kim, P., Volz, B. and S. Park, "Rapid Commit Option for 1407 DHCPv4", draft-ietf-dhc-rapid-commit-opt-05 (work in 1408 progress), June 2004. 1410 [SIPMM] Schulzrine, H., "Application Layer Mobility Using SIP", 1411 MC2R. 1413 [CELLIP] Cambell, A., Gomez, J., Kim, S., Valko, A. and C. Wan, 1414 "Design, Implementation, and Evaluation of Cellular IP", 1415 IEEE Personal communication Auguest 2000. 1417 [HAWAII] Ramjee, R., Porta, T., Thuel, S., Varadhan, K. and S. 1418 Wang, "HAWAII: A Domain-based Approach for Supporting 1419 Mobility in Wide-area Wireless networks", . 1421 [IDMP] Das, S., Dutta, A., Misra, A. and S. Das, "IDMP: An 1422 Intra-Domain Mobility Management Protocol for Next 1423 Generation Wireless Networks", IEEE Wireless Communication 1424 Magazine October 2000. 1426 [I-D.ietf-mobileip-reg-tunnel] 1427 Calhoun, P., Montenegro, G., Perkins, C. and E. 1428 Gustafsson, "Mobile IPv4 Regional Registration", 1429 draft-ietf-mobileip-reg-tunnel-09 (work in progress), July 1430 2004. 1432 [YOKOTA] Yokota, H., Idoue, A. and T. Hasegawa, "Link Layer 1433 Assisted Mobile IP Fast Handoff Method over Wireless LAN 1434 Networks", Proceedings of ACM Mobicom 2002. 1436 [MACD] Shin, S., "Reducing MAC Layer Handoff Latency in IEEE 1437 802.11 Wireless LANs", MOBIWAC Workshop . 1439 [SUM] Dutta, A., Zhang, T., Madhani, S., Taniuchi, K., Ohba, Y. 1440 and H. Schulzrinne, "Secured Universal Mobility", WMASH 1441 2004. 1443 [SIPFAST] Dutta, A., Madhani, S. and H. Schulzrinne, "Fast handoff 1444 Schemes for Application Layer Mobility Management", PIMRC 1445 2004. 1447 [MITH] Gwon, Y., Fu, G. and R. Jain, "Fast Handoffs in Wireless 1448 LAN Networks using Mobile initiated Tunneling Handoff 1449 Protocol for IPv4 (MITHv4)", Wireless Communications and 1450 Networking 2003, January 2005. 1452 [NETDISC] Anjum, F., Das, S., Dutta, A., Fajardo, V., Madhani, S., 1453 Ohba, Y., Taniuchi, K., Yaqub, R. and T. Zhang, "A 1454 proposal for MIH function and Information Service", A 1455 contribution to IEEE 802.21 WG , January 2005. 1457 [GPSIP] Dutta, A., "GPS-IP based fast-handoff for Mobiles", NYMAN 1458 2003. 1460 [MAGUIRE] Vatn, J. and G. Maguire, "The effect of using co-located 1461 care-of-address on macro handover latency", . 1463 Authors' Addresses 1465 Ashutosh Dutta 1466 Telcordia Technologies 1467 1 Telcordia Drive 1468 Piscataway, NJ 08854 1469 USA 1471 Phone: +1 732 699 3130 1472 EMail: adutta@research.telcordia.com 1474 Yoshihiro Ohba 1475 Toshiba America Research, Inc. 1476 1 Telcordia Drive 1477 Piscataway, NJ 08854 1478 USA 1480 Phone: +1 732 699 5305 1481 EMail: yohba@tari.toshiba.com 1483 Kenichi Taniuchi 1484 Toshiba America Research, Inc. 1485 1 Telcordia Drive 1486 Piscataway, NJ 08854 1487 USA 1489 Phone: +1 732 699 5308 1490 EMail: ktaniuchi@tari.toshiba.com 1492 Henning Schulzrinne 1493 Columbia University 1494 Department of Computer Science 1495 450 Computer Science Building 1496 New York, NY 10027 1497 USA 1499 Phone: +1 212 939 7004 1500 EMail: hgs@cs.columbia.edu 1502 Intellectual Property Statement 1504 The IETF takes no position regarding the validity or scope of any 1505 Intellectual Property Rights or other rights that might be claimed to 1506 pertain to the implementation or use of the technology described in 1507 this document or the extent to which any license under such rights 1508 might or might not be available; nor does it represent that it has 1509 made any independent effort to identify any such rights. Information 1510 on the procedures with respect to rights in RFC documents can be 1511 found in BCP 78 and BCP 79. 1513 Copies of IPR disclosures made to the IETF Secretariat and any 1514 assurances of licenses to be made available, or the result of an 1515 attempt made to obtain a general license or permission for the use of 1516 such proprietary rights by implementers or users of this 1517 specification can be obtained from the IETF on-line IPR repository at 1518 http://www.ietf.org/ipr. 1520 The IETF invites any interested party to bring to its attention any 1521 copyrights, patents or patent applications, or other proprietary 1522 rights that may cover technology that may be required to implement 1523 this standard. Please address the information to the IETF at 1524 ietf-ipr@ietf.org. 1526 Disclaimer of Validity 1528 This document and the information contained herein are provided on an 1529 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS 1530 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET 1531 ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, 1532 INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE 1533 INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED 1534 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 1536 Copyright Statement 1538 Copyright (C) The Internet Society (2005). This document is subject 1539 to the rights, licenses and restrictions contained in BCP 78, and 1540 except as set forth therein, the authors retain all their rights. 1542 Acknowledgment 1544 Funding for the RFC Editor function is currently provided by the 1545 Internet Society.