

Session Authorization Policy Element






RFC 3520          Session Authorization Policy Element        April 2003


Table of Contents

   1. Conventions used in this document..............................3
   2. Introduction...................................................3
   3. Policy Element for Session Authorization.......................4
      3.1 Policy Data Object Format..................................4
      3.2 Session Authorization Policy Element.......................4
      3.3 Session Authorization Attributes...........................4
        3.3.1 Authorizing Entity Identifier..........................6
        3.3.2 Session Identifier.....................................7
        3.3.3 Source Address.........................................7
        3.3.4 Destination Address....................................9
        3.3.5 Start time............................................10
        3.3.6 End time..............................................11
        3.3.7 Resources Authorized..................................11
        3.3.8 Authentication data...................................12
   4. Integrity of the AUTH_SESSION policy element..................13
      4.1 Shared symmetric keys.....................................13
        4.1.1 Operational Setting using shared symmetric keys.......13
      4.2 Kerberos..................................................14
        4.2.1. Operational Setting using Kerberos...................15
      4.3 Public Key................................................16
        4.3.1. Operational Setting for public key based
               authentication.......................................16
          4.3.1.1 X.509 V3 digital certificates.....................17
          4.3.1.2 PGP digital certificates..........................17
   5. Framework.....................................................18
      5.1 The coupled model.........................................18
      5.2 The associated model with one policy server...............18
      5.3 The associated model with two policy servers..............19
      5.4 The non-associated model..................................19
   6. Message Processing Rules......................................20
      6.1 Generation of the AUTH_SESSION by the authorizing entity..20
      6.2 Message Generation (RSVP Host)............................20
      6.3 Message Reception (RSVP-aware Router).....................20
      6.4 Authorization (Router/PDP)................................21
   7. Error Signaling...............................................22
   8. IANA Considerations...........................................22
   9. Security Considerations.......................................24
   10. Acknowledgments..............................................24
   11. Normative References.........................................25
   12. Informative References.......................................27
   13. Intellectual Property Statement..............................27
   14. Contributors.................................................28
   15. Authors' Addresses...........................................29
   16. Full Copyright Statement.....................................30





Hamer, et al.               Standards Track