Re: [Dime] Question on Auth-Application-Id AVP in Diameter answermessages
"Gowda, Avinash" <agowda@starentnetworks.com> Thu, 26 February 2009 16:58 UTC
Return-Path: <agowda@starentnetworks.com>
X-Original-To: dime@core3.amsl.com
Delivered-To: dime@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 717E03A6802 for <dime@core3.amsl.com>; Thu, 26 Feb 2009 08:58:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.369
X-Spam-Level:
X-Spam-Status: No, score=-1.369 tagged_above=-999 required=5 tests=[AWL=0.629, BAYES_00=-2.599, HTML_MESSAGE=0.001, J_CHICKENPOX_56=0.6]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9GFrYXBwDhpX for <dime@core3.amsl.com>; Thu, 26 Feb 2009 08:58:00 -0800 (PST)
Received: from mx0.starentnetworks.com (mx0.starentnetworks.com [12.38.223.203]) by core3.amsl.com (Postfix) with ESMTP id 80AAC28C258 for <dime@ietf.org>; Thu, 26 Feb 2009 08:57:51 -0800 (PST)
Received: from localhost (localhost.localdomain [127.0.0.1]) by mx0.starentnetworks.com (Postfix) with ESMTP id 611EF9008D for <dime@ietf.org>; Thu, 26 Feb 2009 11:58:09 -0500 (EST)
Received: from mx0.starentnetworks.com ([127.0.0.1]) by localhost (mx0.starentnetworks.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 12379-20 for <dime@ietf.org>; Thu, 26 Feb 2009 11:58:08 -0500 (EST)
Received: from exchtewks1.starentnetworks.com (exchtewks1.starentnetworks.com [10.2.4.28]) by mx0.starentnetworks.com (Postfix) with ESMTP for <dime@ietf.org>; Thu, 26 Feb 2009 11:58:08 -0500 (EST)
Received: from exchindia3.starentnetworks.com ([10.6.7.5]) by exchtewks1.starentnetworks.com with Microsoft SMTPSVC(6.0.3790.1830); Thu, 26 Feb 2009 11:58:08 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C99833.625587AA"
Date: Thu, 26 Feb 2009 22:28:01 +0530
Message-ID: <69FADB84C90B1248A7DE59422771FA0C0C8A1063@exchindia3.starentnetworks.com>
In-Reply-To: <28D43D510069B644A3980EDF9AF1AB7544FF1E555F@GUREXMB01.ASIAN.AD.ARICENT.COM>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [Dime] Question on Auth-Application-Id AVP in Diameter answermessages
Thread-Index: AcmX3vf+g+KLkHDFTmKGcJp8gvurYAAIi5YgAAyJVeA=
References: <69FADB84C90B1248A7DE59422771FA0C0C8A0E80@exchindia3.starentnetworks.com> <28D43D510069B644A3980EDF9AF1AB7544FF1E555F@GUREXMB01.ASIAN.AD.ARICENT.COM>
From: "Gowda, Avinash" <agowda@starentnetworks.com>
To: Ankit Kumar Sharma <ankit.sharma@aricent.com>, dime@ietf.org
X-OriginalArrivalTime: 26 Feb 2009 16:58:08.0619 (UTC) FILETIME=[6670C3B0:01C99833]
X-Virus-Scanned: amavisd-new 2.2.1 (20041222) at mx0.starentnetworks.com
Subject: Re: [Dime] Question on Auth-Application-Id AVP in Diameter answermessages
X-BeenThere: dime@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Diameter Maintanence and Extentions Working Group <dime.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dime>, <mailto:dime-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dime>
List-Post: <mailto:dime@ietf.org>
List-Help: <mailto:dime-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dime>, <mailto:dime-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Feb 2009 16:58:06 -0000
Hi Ankit, As per RFC 3588 Bis15 6.8. Auth-Application-Id AVP The Auth-Application-Id AVP (AVP Code 258) is of type Unsigned32 and is used in order to advertise support of the Authentication and Authorization portion of an application (see Section 2.4 <http://tools.ietf.org/html/draft-ietf-dime-rfc3588bis-12#section-2.4> ). If present in a message other than CER and CEA, the value of the Auth- Application-Id AVP MUST match the Application Id present in the Diameter message header. When the same Application-Id is present in Diameter Header then what is the necessity of having duplicate data in this Auth-Application-Id AVP? Thanks, Avinash Gowda ________________________________ From: Ankit Kumar Sharma [mailto:ankit.sharma@aricent.com] Sent: Thursday, February 26, 2009 4:48 PM To: Gowda, Avinash; dime@ietf.org Subject: RE: [Dime] Question on Auth-Application-Id AVP in Diameter answermessages Please see my comments inline... ________________________________ From: dime-bounces@ietf.org [mailto:dime-bounces@ietf.org] On Behalf Of Gowda, Avinash Sent: Thursday, February 26, 2009 12:24 PM To: dime@ietf.org Subject: [Dime] Question on Auth-Application-Id AVP in Diameter answermessages Hi All, I have question on mandating Auth-Application-Id AVP in answer messages. In 3GPP TS 29.273 V8.0.0 Section 5.2.2.3.4 --------------------------------------------- < AA-Answer > ::= < Diameter Header: 268, PXY, 16777250 > < Session-Id > { Auth-Application-Id } { Auth-Request-Type } { Result-Code } [ Experimental-Result ] { Origin-Host } { Origin-Realm } [ Session-Timeout ] [ Accounting-Interim-Interval ] *[ APN-Configuration ] ... *[ AVP ] According to this spec, Auth-Application-Id is a mandatory AVP in AA-Answer message. I have following questions: * Is it necessary to have Auth-Application-Id AVP as a mandatory AVP in answer message? <Yes, because specs are mandating it> * Is there any specific use by mandating it? Can't we have it as an optional AVP ([Auth-Application-Id])? <I could think of a scenario where we have more than one User Diameter applications in a single process on our local node, and each one is capable of sending AAR command for ex. we have NASREQ and Tx . In this case, Auth-Application-Id could be used to route the incoming AAA from peer to correct local application module. In this example, user wants to be authenticated on two different interfaces and Auth-Application-Id is used to distinguish the answers of both requests> Please help me to understand this. Thanks, Avinash Gowda Regards, Ankit ________________________________ "DISCLAIMER: This message is proprietary to Aricent and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error,please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. Aricent accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus."
- [Dime] Question on Auth-Application-Id AVP in Dia… Gowda, Avinash
- Re: [Dime] Question on Auth-Application-Id AVP in… jouni korhonen
- Re: [Dime] Question on Auth-Application-Id AVP in… Ankit Kumar Sharma
- Re: [Dime] Question on Auth-Application-Id AVP in… Mark Jones
- Re: [Dime] Question on Auth-Application-Id AVP in… Gowda, Avinash