Slide 1: PANA Network Selection
draft-ohba-pana-netsel-00.txt
Yoshihiro Ohba
IETF70 PANA WG, 12/05/2007

Slide 2: Background

Network selection was defined in older revisions of the PANA specification to provide the following functions:
  – NAP and ISP separate authentication
  – ISP selection
During IETF last call, network selection was removed from the PANA specification, with the suggestion to define it in a separate document.
This draft is submitted as that document.

Slide 3: A new bit in the PANA header for NETSEL

     0                   1
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |R S C A P I N r r r r r r r r r|
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

N (Network Selection): this bit is set when the sender supports the network selection function.

Slide 4: 'N' bit usage

The PAA and PaC advertise their support for the network selection function in the initial PAR and PAN messages with both the 'S' (Start) and 'N' (Network selection) bits set.
If the 'N' bit is set in both messages, the PAA and PaC may start NAP and ISP separate authentication and/or ISP selection.
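The flags field on slide 3 and the negotiation rule on slide 4 can be checked mechanically. The following is an added example, not code from the draft or its author: it encodes and decodes the 16-bit PANA flags field using the bit positions shown on the slide (bit 0 is the most significant bit, and the nine 'r' bits are reserved), and implements the rule that network selection is only negotiated when the initial PAR and the initial PAN both carry S=1 and N=1. Function names and the treatment of reserved bits (ignored on receipt) are this example's own choices.

```python
# Added example (not from draft-ohba-pana-netsel-00 or its author).
# Flag positions follow the slide's 16-bit flags field: R S C A P I N then
# nine reserved ('r') bits. Bit 0 on the slide is the most significant bit.

FLAG_BITS = {"R": 0, "S": 1, "C": 2, "A": 3, "P": 4, "I": 5, "N": 6}
RESERVED_MASK = 0x01FF  # bits 7..15 are 'r' on the slide


def flag_mask(name):
    """Mask for one flag letter; slide bit k maps to 1 << (15 - k)."""
    return 1 << (15 - FLAG_BITS[name])


def encode_flags(names):
    """Build the 16-bit flags field from a set of flag letters, e.g. {"S", "N"}."""
    value = 0
    for name in names:
        value |= flag_mask(name)
    return value


def decode_flags(value):
    """Return the set of flag letters set in a 16-bit flags field.

    Reserved bits are ignored on receipt (an assumption of this example, the
    usual handling for reserved fields), so a peer setting them does not
    change the result.
    """
    if not 0 <= value <= 0xFFFF:
        raise ValueError("flags field is 16 bits wide")
    return {name for name in FLAG_BITS if value & flag_mask(name)}


def netsel_negotiated(initial_par_flags, initial_pan_flags):
    """Slide 4 rule: NAP/ISP separate authentication or ISP selection may start
    only if the initial PAR and the initial PAN both carry S=1 and N=1."""
    par = decode_flags(initial_par_flags)
    pan = decode_flags(initial_pan_flags)
    return {"S", "N"} <= par and {"S", "N"} <= pan


if __name__ == "__main__":
    # Constructed sample values: a PAA that supports network selection
    # talking to a PaC that does (0x4200) and one that does not (0x4000).
    par = encode_flags({"S", "N"})
    print("initial PAR flags: 0x%04X -> %s" % (par, sorted(decode_flags(par))))
    print("netsel with N-capable PaC:", netsel_negotiated(par, 0x4200))
    print("netsel with legacy PaC:   ", netsel_negotiated(par, 0x4000))
```

The second call in the usage block shows the interoperability property the slide relies on: a PaC that does not know the 'N' bit answers with S=1 only, and the PAA falls back to ordinary PANA rather than starting network selection.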

Slide 5: NAP and ISP separate authentication

Two PANA sessions are established between the PaC and PAA, one for NAP authentication and the other for ISP authentication.
For the PANA session used for NAP authentication, the PAR message sent in response to the initial PAR-PAN exchange with the 'S' (Start) bit set carries one NAP-Information AVP.
The PANA session used for ISP authentication MUST NOT carry a NAP-Information AVP.
When a PANA SA is established, the same NAP-Information AVP MUST be carried in the last PANA-Auth-Request message with the 'C' (Complete) bit set, together with an AUTH AVP.
  – Issue: a PANA SA should be a MUST, considering the cryptographic binding (see below)
When NAP and ISP separate authentication is performed, a cryptographic binding MUST be made between the two sessions.
  – How the cryptographic binding is created is TBD

Slide 6: ISP selection

ISP selection MUST NOT be performed over a session used for NAP authentication.
ISP selection MAY be performed in the absence of NAP and ISP separate authentication.
The second PAR message (with the 'S' bit cleared) with the 'N' bit set carries one or more ISP-Information AVPs.
  – When there is only one ISP-Information AVP, there is only one ISP choice
The PAN message sent in response to this PAR message carries at most one ISP-Information AVP, indicating the ISP chosen by the PaC.
  – In the absence of an ISP-Information AVP in the PAN, ISP selection is typically performed based on the client identifier (e.g., using the realm portion of an NAI carried in the EAP method)
When a PANA SA is established, the ISP-Information AVP for the selected ISP MUST be carried in the last PAR message with the 'C' (Complete) bit set, together with an AUTH AVP.

Slide 7: Example call flow (NAP authentication)

    PaC -> PAA : PCI
    PAA -> PaC : PSR[S=N=1]{Algorithm}
    PaC -> PAA : PSA[S=N=1]{Algorithm}
    PAA -> PaC : PSR[N=1]{NAP-Information, EAP-Payload}
    PaC -> PAA : PSA[N=1]{EAP-Payload}
    PAA -> PaC : PSR[N=1]{EAP-Payload}
    PaC -> PAA : PSA[N=1]{EAP-Payload}
               :
    PAA -> PaC : PAR[C=N=1]{NAP-Information, EAP-Payload, Key-ID, AUTH}
    PaC -> PAA : PAN[C=N=1]{Key-ID, AUTH}

Slide 8: Example call flow (ISP selection with one ISP choice)

    PaC -> PAA : PCI
    PAA -> PaC : PSR[S=N=1]{Algorithm}
    PaC -> PAA : PSA[S=N=1]{Algorithm}
    PAA -> PaC : PSR[N=1]{ISP-Information, EAP-Payload}
    PaC -> PAA : PSA[N=1]{EAP-Payload}
    PAA -> PaC : PSR[N=1]{EAP-Payload}
    PaC -> PAA : PSA[N=1]{EAP-Payload}
               :
    PAA -> PaC : PAR[C=N=1]{ISP-Information, EAP-Payload, Key-ID, AUTH}
    PaC -> PAA : PAN[C=N=1]{Key-ID, AUTH}

Slide 9: Example call flow (ISP selection with two ISP choices)

    PaC -> PAA : PCI
    PAA -> PaC : PSR[S=N=1,SID=y]{Algorithm}
    PaC -> PAA : PSA[S=N=1,SID=y]{Algorithm}
    PAA -> PaC : PSR[N=1]{ISP-Information, ISP-Information, EAP-Payload}
    PaC -> PAA : PSA[N=1]{ISP-Information, EAP-Payload}
    PAA -> PaC : PSR[N=1]{EAP-Payload}
    PaC -> PAA : PSA[N=1]{EAP-Payload}
               :
    PAA -> PaC : PAR[C=N=1]{ISP-Information, EAP-Payload, Key-ID, AUTH}
    PaC -> PAA : PAN[C=N=1]{Key-ID, AUTH}

Slide 10: NAP-Information AVP / ISP-Information AVP

The {NAP,ISP}-Information AVP is of type OctetString and carries a {NAP,ISP} name encoded as a RADIUS Operator-Name attribute value [I-D.ietf-geopriv-radius-lo] (see below).

     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    | Namespace ID  | Operator-Name...
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    | Operator-Name...
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Namespace ID = '0' (TADIG in GSM), '1' (REALM), '2' (E212), '3' (ICC)
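The AVP value format on slide 10 and the ISP selection rules on slide 6 fit together in one small piece of code. The following is an added example, not code from the draft or its author: it serialises and parses the Operator-Name value (one ASCII Namespace ID octet followed by the operator name) and applies the slide 6 rules to a PAR/PAN exchange: no ISP selection on a NAP session, at least one ISP-Information AVP offered in the PAR, at most one chosen in the PAN, no choice meaning fallback to the client identifier, and the chosen AVP repeated in the final PAR with the 'C' bit set. The check that the PaC's choice is one of the offered AVPs is this example's own sanity check, not a rule stated on the slide; the ISP names and function names are constructed for the example, and only the AVP value is handled (the PANA AVP header and AVP codes are not defined on the slides).

```python
# Added example (not from draft-ohba-pana-netsel-00 or its author).
# Encodes the Operator-Name value from slide 10 and checks the slide 6
# ISP selection rules. Names, sample ISPs and the offered-set check are
# this example's own assumptions.

NAMESPACES = {"0": "TADIG", "1": "REALM", "2": "E212", "3": "ICC"}


def encode_operator_name(namespace_id, name):
    """Serialise an Operator-Name value: ASCII Namespace ID octet + operator name."""
    if namespace_id not in NAMESPACES:
        raise ValueError("unknown Namespace ID %r" % namespace_id)
    if not name:
        raise ValueError("operator name must not be empty")
    return namespace_id.encode("ascii") + name.encode("utf-8")


def decode_operator_name(value):
    """Parse an Operator-Name value, rejecting short values and unknown namespaces."""
    if len(value) < 2:
        raise ValueError("Operator-Name value needs a Namespace ID and a name")
    namespace_id = chr(value[0])
    if namespace_id not in NAMESPACES:
        raise ValueError("unknown Namespace ID %r" % namespace_id)
    return NAMESPACES[namespace_id], value[1:].decode("utf-8")


def choose_isp(offered_avps, pan_avps, session_role="ISP"):
    """Apply the slide 6 rules to the second PAR (N=1, S=0) and its PAN.

    offered_avps: ISP-Information values the PAA put in the PAR.
    pan_avps:     ISP-Information values the PaC put in the PAN.
    Returns the decoded choice, or None when the PaC sent no ISP-Information
    AVP (selection then falls back to the client identifier, e.g. NAI realm).
    """
    if session_role == "NAP":
        raise ValueError("ISP selection MUST NOT be performed over a NAP session")
    if not offered_avps:
        raise ValueError("a PAR with N=1 carries one or more ISP-Information AVPs")
    if len(pan_avps) > 1:
        raise ValueError("the PAN carries at most one ISP-Information AVP")
    if not pan_avps:
        return None
    choice = pan_avps[0]
    # Sanity check added by this example: the PaC may only pick an offered ISP.
    if choice not in offered_avps:
        raise ValueError("PaC chose an ISP that the PAA did not offer")
    return decode_operator_name(choice)


def check_complete_par(selected_avp, complete_par_avps):
    """Slide 6: the final PAR (C=1, with AUTH) MUST carry the selected ISP-Information AVP."""
    return selected_avp in complete_par_avps


def rejects(func, *args):
    """True if func(*args) raises ValueError; used to exercise the MUST NOT rules."""
    try:
        func(*args)
    except ValueError:
        return True
    return False


# Constructed sample data: two REALM-namespace ISPs offered by the PAA.
OFFERED_ISPS = [
    encode_operator_name("1", "isp-a.example"),
    encode_operator_name("1", "isp-b.example"),
]

if __name__ == "__main__":
    print("PaC picks second ISP:", choose_isp(OFFERED_ISPS, [OFFERED_ISPS[1]]))
    print("PaC leaves choice to PAA:", choose_isp(OFFERED_ISPS, []))
    print("two AVPs in PAN rejected:", rejects(choose_isp, OFFERED_ISPS, OFFERED_ISPS))
    print("selection on NAP session rejected:", rejects(choose_isp, OFFERED_ISPS, [], "NAP"))
    print("final PAR carries choice:", check_complete_par(OFFERED_ISPS[1], [OFFERED_ISPS[1]]))
```

Because the Operator-Name value is opaque OctetString data, a receiver that does not validate the Namespace ID and length as done here would accept arbitrary bytes as an ISP name; the decoder therefore rejects anything outside the four namespaces listed on the slide.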

Slide 11: Thank You!
