Handover Keying (HOKEY) Architecture Design (RFC6697)
Original Publication Date: 2012-Jul-01
Included in the Prior Art Database: 2012-Jul-27
Internet Society Requests For Comment (RFCs)
G. Zorn: AUTHOR [+7]
The Extensible Authentication Protocol (EAP) [RFC3748] is an authentication framework that supports different types of authentication methods. Originally designed for dial-up connections, EAP is now commonly used for authentication in a variety of access networks.
Internet Engineering Task Force (IETF) G. Zorn, Ed. Request for Comments: 6697 Network Zen Category: Informational Q. Wu ISSN: 2070-1721 T. Taylor Huawei Y. Nir Check Point K. Hoeper Motorola Solutions, Inc. S. Decugis INSIDE Secure July 2012
Handover Keying (HOKEY) Architecture Design
The Handover Keying (HOKEY) Working Group seeks to minimize handover delay due to authentication when a peer moves from one point of attachment to another. Work has progressed on two different approaches to reduce handover delay: early authentication (so that authentication does not need to be performed during handover), and reuse of cryptographic material generated during an initial authentication to save time during re-authentication. A basic assumption is that the mobile host or "peer" is initially authenticated using the Extensible Authentication Protocol (EAP), executed between the peer and an EAP server as defined in RFC 3748.
This document defines the HOKEY architecture. Specifically, it describes design objectives, the functional environment within which handover keying operates, the functions to be performed by the HOKEY architecture itself, and the assignment of those functions to architectural components. It goes on to illustrate the operation of the architecture within various deployment scenarios that are described more fully in other documents produced by the HOKEY Working Group.
Zorn, et al. Informational [Page 1]
RFC 6697 HOKEY Architecture Design ...