RFC 2906 (rfc2906) - Page 2 of 23


AAA Authorization Requirements



Alternative Format: Original Text Document



RFC 2906             AAA Authorization Requirements          August 2000


Table Of Contents

   1. Introduction.................................................2
   2. Requirements.................................................3
       2.1  Authorization Information..............................3
       2.2  Security of authorization information..................7
       2.3  Time...................................................9
       2.4  Topology..............................................10
       2.5  Application Proxying..................................12
       2.6  Trust Model...........................................12
       2.7  Not just transactions.................................14
       2.8  Administration........................................15
       2.9  Bytes on-the-wire.....................................16
       2.10 Interfaces............................................17
       2.11 Negotiation...........................................18
   3. Security Considerations.....................................19
   4. References..................................................20
   Authors' Addresses.............................................20
   Full Copyright Statement.......................................23

1. Introduction

   This document is one of a series of three documents under
   consideration by the AAAarch RG dealing with the authorization
   requirements for AAA protocols.  The three documents are:

         AAA Authorization Framework [FRMW]
         AAA Authorization Requirements (this document)
         AAA Authorization Application Examples [SAMP]

   The work for this memo was done by a group that originally was the
   Authorization subgroup of the AAA Working Group of the IETF.  When
   the charter of the AAA working group was changed to focus on MobileIP
   and NAS requirements, the AAAarch Research Group was chartered within
   the IRTF to continue and expand the architectural work started by the
   Authorization subgroup.  This memo is one of four which were created
   by the subgroup.  This memo is a starting point for further work
   within the AAAarch Research Group.  It is still a work in progress
   and is published so that the work will be available for the AAAarch
   subgroup and others working in this area, not as a definitive
   description of architecture or requirements.

   The process followed in producing this document was to analyze the
   requirements from [SAMP] based on a common understanding of the AAA
   authorization framework [FRMW]. This document assumes familiarity
   with both the general issues involved in authorization and, in
   particular, the reader will benefit from a reading of [FRMW] where,
   for example, definitions of terms can be found.



Farrell, et al.              Informational