Browse Prior Art Database

Identity Representation for RSVP (RFC2752)

IP.com Disclosure Number: IPCOM000003349D
Original Publication Date: 2000-Jan-01
Included in the Prior Art Database: 2000-Sep-13
Document File: 14 page(s) / 31K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

S. Yadav: AUTHOR [+6]

Abstract

This document describes the representation of identity information in POLICY_DATA object [POL-EXT] for supporting policy based admission control in RSVP. The goal of identity representation is to allow a process on a system to securely identify the owner and the application of the communicating process (e.g. user id) and convey this information in RSVP messages (PATH or RESV) in a secure manner. We describe the encoding of identities as RSVP policy element. We describe the processing rules to generate identity policy elements for multicast merged flows. Subsequently, we describe representations of user identities for Kerberos and Public Key based user authentication mechanisms. In summary we describe the use of this identity information in an operational setting.

This text was extracted from a ASCII Text document.
This is the abbreviated version, containing approximately 9% of the total text.

Network Working Group S. Yadav

Request for Comments: 2752 R. Yavatkar

Category: Standards Track Intel

R. Pabbati

P. Ford

T. Moore

Microsoft

S. Herzog

IPHighway

January 2000

Identity Representation for RSVP

Status of this Memo

This document specifies an Internet standards track protocol for the

Internet community, and requests discussion and suggestions for

improvements. Please refer to the current edition of the "Internet

Official Protocol Standards" (STD 1) for the standardization state

and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2000). All Rights Reserved.

Abstract

This document describes the representation of identity information in

POLICY_DATA object [POL-EXT] for supporting policy based admission

control in RSVP. The goal of identity representation is to allow a

process on a system to securely identify the owner and the

application of the communicating process (e.g. user id) and convey

this information in RSVP messages (PATH or RESV) in a secure manner.

We describe the encoding of identities as RSVP policy element. We

describe the processing rules to generate identity policy elements

for multicast merged flows. Subsequently, we describe representations

of user identities for Kerberos and Public Key based user

authentication mechanisms. In summary we describe the use of this

identity information in an operational setting.

1. Conventions used in this document

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",

"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this

document are to be interpreted as described in [RFC-2119].

2. Introduction

RSVP [RFC 2205] is a resource reservation setup protocol designed for

an integrated services Internet [RFC 1633]. RSVP is used by a host to

request specific quality of service (QoS) from the network for

particular application data streams or flows. RSVP is also used by

routers to deliver QoS requests to all nodes along the path(s) of the

flows and to establish and maintain state to provide the requested

service. RSVP requests will generally result in resources being

reserved in each node along the data path. RSVP allows particular

users to obtain preferential access to network resources, under the

control of an admission control mechanism. Permission to make a

reservation is based both ...