AAA ARCH 

The AAA Architecture (AAAarch) Research Group meeting at 53th IETF in Minneapolis, USA.


Rough minutes by Dave Spence.

Monday, March 18, 2002
Authentication Authorization Accounting Architecture(AAAarch) RG
Opening remarks and agenda bashing

Cees de Laat

* Since London

o 2 revised drafts in  AAAarch
o 1 draft in last call and submitted
o 0 teleconferences
o ~2 teleconferences related to Access Bind PIB


* Charter review

o Generic AAA ? underway
o Define in a high level and abstract way the interfaces between the different components in the architecture. ? underway
o AAA related policy framework ? on the table
o Accounting model ? on the table
o Simulation model ? underway
o Work with RAP WG? on the table
o Work with GRID-Forum ? underway


* Drafts

o Draft-taal-aaaarch-generic-pol-01.txt
o Draft-irtf-aaaarch-aaa-pol-01.txt
John Vollbrecht
AAAarch Framework ? Security Associations

* Slide showing user, AAA, and application with preexisting SA and business association and relational SA and business association.

o Use preexisting to create “relational” [wrong term]
* Add CA or KDC to the model.

* Add a broker between AAA and application

o How do user and application know what an authorization belongs to?  (binding problem, use of keys)
* Three way exchange
o 802.11i project
o Jesse Walker and others
o Supplicant-initiated key passing
* John mapped the exchange to pull model

* Work item

o Take Chesson model and apply to AAAarch models (push/pull/agent)
o Apply also to roaming/broker model
o Include auditing (proving who asked, who authorized)


* Questions

o Model from application point of view.  Using Keynote2(?) you could use authorization certificates.  [not sure I have this right]

CdL - feb 3th 2002 Visitors of this page: