Network Working Group F. Johansson Request for Comments: 3846 ipUnplugged Category: Standards Track T. Johansson Bytemobile June 2004 Mobile IPv4 Extension for Carrying Network Access Identifiers Status of this Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The Internet Society (2004).
AbstractWhen a mobile node moves between two foreign networks, it has to be re-authenticated. If the home network has both multiple Authentication Authorization and Accounting (AAA) servers and Home Agents (HAs) in use, the Home AAA server may not have sufficient information to process the re-authentication correctly (i.e., to ensure that the same HA continues to be used). This document defines a Mobile IP extension that carries identities for the Home AAA and HA servers in the form of Network Access Identifiers (NAIs). The extension allows a Home Agent to pass its identity (and that of the Home AAA server) to the mobile node, which can then pass it on to the local AAA server when changing its point of attachment. This extension may also be used in other situations requiring communication of a NAI between Mobile IP nodes. 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Requirements terminology . . . . . . . . . . . . . . . . . . . 2 3. NAI Carrying Extension . . . . . . . . . . . . . . . . . . . . 3 3.1. Processing of the NAI Carrying Extension . . . . . . . . 3 4. HA Identity subtype . . . . . . . . . . . . . . . . . . . . . 4 5. AAAH Identity subtype . . . . . . . . . . . . . . . . . . . . 4 6. Security Considerations . . . . . . . . . . . . . . . . . . . 5 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 6
9. Normative References . . . . . . . . . . . . . . . . . . . . . 6 10. Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 7 11. Full Copyright Statement . . . . . . . . . . . . . . . . . . . 8 RFC 3344 . Unfortunately this may not be enough since some AAA infrastructures (such as Diameter ) use realm based routing; such a AAA infrastructure needs to know the FQDN identity of the home agent to be able to correctly handle the assignment of the home agent. A reverse DNS lookup would only disclose the identity of the Mobile IP interface for that HA IP address, which may or may not have a one-to-one correspondence with the home agent FQDN identity. This is a reason for the HA to also include its own identity in the registration reply. The MIP v4 extension defined in this document also has a subtype defined by which this may be done. The HA identity can then be included by the mobile node in later registration requests when changing the point of attachment. RFC 2119 . The Mobile IP related terminology described in RFC 3344  is used in this document. In addition, the following terms are used: AAAH One of several possible AAA Servers in the Home Network
FQDN Fully Qualified Domain Name. Identity The identity of a node is equal to its FQDN. NAI Network Access Identifier . 5]. The extension may be used by any node that wants to send identity information in the form of a NAI . This document also defines some subtype numbers which identify the specific type of NAI carried in Sections 4 and 5. It is expected that other types of NAI will be defined by other documents in the future. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | Sub-Type | NAI ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Type 136 (skippable) . Length 8-bit unsigned integer. Length of the extension, in octets, excluding the extension Type and the extension Length fields. This field MUST be set to 1 plus the total length of the NAI field. Sub-Type This field describes the particular type NAI which is carried in the NAI field. NAI Contains the NAI  in a string format.
In the event the foreign agent adds a NAI Carrying Extension to a registration message, the extension MUST appear prior to any authentication extensions added by the FA. If an HA has appended a NAI Carrying Extension to a Registration Reply to an MN, and does not receive the NAI extension in subsequent Registration Request messages from the MN, the HA can assume that the MN does not understand this NAI extension. In this case, the HA SHOULD NOT append this NAI extension to further Registration Reply messages to the MN.
If several AAA servers exist in the Home Network, a Home Agent providing AAAH selection support according to this document MUST provide the AAAH identity in the first Registration Reply sent to the Mobile Node. The extension only needs to be included in subsequent Registration Replies if the same extension is included in Registration Requests received from the same Mobile Node. A mobile node SHOULD save the latest AAAH Identity received in a registration reply message and SHOULD provide the AAAH Identity in every registration request sent when re-authenticating, for efficiency reasons. Failure to reach the indicated AAAH during re- authentication will result in a new AAAH Identity NAI being returned (which should then be saved and provided in subsequent registration requests). Similarly, failure to re-authenticate, for instance because no AAAH can be reached, will result in termination of the Mobile-IP session; on initiation of a new session, a new AAAH Identity NAI may be provided to the Mobile Node for re-use during later re-registrations. A foreign agent which receives the AAAH NAI by this extension in a registration request SHOULD include the AAAH NAI provided when requesting Mobile Node authentication through the AAA infrastructure if the AAA protocol used can carry the information. 4], unless other authentication methods have been agreed upon. Therefore, this specification does not lessen the security of Mobile IP messages. It should be noted that the identities sent in the extensions specified herein MAY be sent in the clear over the network. However, the authors do not envision that this information would create security issues. Section 3 defines a new Mobile IP extension, the Mobile IP NAI Carrying Extension. The type number for this extension is 136. This extension introduces a new sub-type numbering space where the values
1 and 2 have been assigned in this document. Approval of new Mobile IP NAI Carrying Extension sub-type numbers is subject to Expert Review, and a specification is required . The content and format for this extension is not specific to AAA NAIs, so if in the future new NAIs are defined which do not strictly fall within the category of AAA NAIs, they may nevertheless be accommodated within the subtype numbering space defined for the NAI Carrying Extension defined in this document. The NAI Carrying Extension should be assigned a type value from both the IANA number space for Mobile IPv4 skippable extensions and from the IANA number space for Mobile IPv4 advertisement extensions. Ideally, the numbers assigned from these two numbering spaces should have the same value.  Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.  Aboba, B. and M. Beadles, "The Network Access Identifier", RFC 2486, January 1999.  Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 2434, October 1998.  Calhoun, P. and C. Perkins, "Mobile IP Network Access Identifier Extension for IPv4", RFC 2794, March 2000.  Perkins, C., "IP Mobility Support for IPv4", RFC 3344, August 2002.  Calhoun, P., Loughney, J., Guttman, E., Zorn, G. and J. Arkko, "Diameter Base Protocol", RFC 3588, September 2003.
BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf- firstname.lastname@example.org. Acknowledgement Funding for the RFC Editor function is currently provided by the Internet Society.