IETF July 1999 Proceedings

Current Meeting Report
Slides

2.2.1 Authentication, Authorization and Accounting (aaa)

NOTE: This charter is a snapshot of the 45th IETF Meeting in Oslo, Norway. It may now be out-of-date. Last Modified: 15-Jun-99

Chair(s):

Brian Lloyd <brian@lloyd.com>
Paul Krumviede <Paul@mci.net>

General Area Director(s):

Fred Baker <fred@cisco.com>

General Area Advisor:

Fred Baker <fred@cisco.com>

Mailing Lists:

General Discussion:aaa-wg@merit.edu
To Subscribe: majordomo@merit.edu
In Body: subscribe aaa-wg
Archive: http://www.merit.edu/mail.archives/html/aaa-wg/

Description of Working Group:

The Authentication, Authorization and Accounting working group will focus on the specification of a general Authentication, Authorization, and Accounting architecture for the Internet. The purpose behind this is to create a set of base protocols applicable to a number of specific AAA applications. These include at least IP Telephony, SS7 AAA, Bandwidth Broker AAA, and Network Access Server AAA. By creating an architecture and set of base protocols, the amount of work to create specific AAA protocols will be reduced.

The list of target applications implies a strong interaction with many areas of IETF activity, which is the justification for doing this work in the General Area. The working group will dialog specifically with the Application, Transport, and Security Areas, and others as needed, to achieve its objectives.

The problem space for a general AAA working group contains work in:

- determining the current set of specific applications that the AAA will service;

- documenting requirements for a base AAA architecture;

- identifying the capabilities and limitations of protocols currently used to represent and transport AAA information, e.g. RADIUS, Diameter, COPS, etc.;

- selecting a transport protocol or set of transport protocols to be used by a general AAA protocol based on the requirements,

- selecting the framework for the AAA protocols;

- specifying the AAA architecture and nature of the implied protocols;

- specifying the data formats for information contained in the AAA protocol information for authentication, authorization, and accounting;

- identify the relationship and interaction between Policy and Authorization.

The first step in this working group is to determine the requirements for the AAA architecture, and probable uses of that architecture. Once the requirements have been documented, the working group will be rechartered to implement to those requirements. A close second is to consider proposals of base protocols; ideally, the working group should be able to finalize requirements and review proposals during its second meeting.

The working group will target the use of TCP and defined procedures on UDP. When a transaction transport protocol has been developed elsewhere in the IETF, the working group will consider changing from TCP and UDP to that protocol.

Goals and Milestones:

Apr 99



Publish AAA Applications (to be an Informational RFC) as an Internet Draft

Apr 99



Submit Authentication Requirements initial Internet-Draft

Apr 99



Submit Authorization Requirements initial Internet-Draft

Apr 99



Submit Accounting Requirements initial Internet-Draft

Jun 99



AAA Base protocol proposals documented as Internet-Drafts

Aug 99



Submit AAA Base Protocol Framework Working Group as Internet-Draft

Aug 99



Submit AAA Applications to IESG for publication as an Informational RFC

Aug 99



Submit AAA Requirements to to IESG for publication as an Informational RFC

Sep 99



Revision of charter to include statement of work regarding specific protocols and data formats.

Oct 99



Submit AAA Base Protocol(s) Specification as an Internet-Draft