Guidance for Authentication, Authorization, and Accounting Key Management
RFC 4962, “Guidance for Authentication, Authorization, and Accounting Key Management”, is a Best Current Practice document published in July 2007 by R. Housley and B. Aboba. The canonical text is published by the RFC Editor.
Abstract
This document provides guidance to designers of Authentication, Authorization, and Accounting (AAA) key management protocols. The guidance is also useful to designers of systems and solutions that include AAA key management protocols. Given the complexity and difficulty in designing secure, long-lasting key management algorithms and protocols by experts in the field, it is almost certainly inappropriate for IETF working groups without deep expertise in the area to be designing their own key management algorithms and protocols based on Authentication, Authorization, and Accounting (AAA) protocols. The guidelines in this document apply to documents requesting publication as IETF RFCs. Further, these guidelines will be useful to other standards development organizations (SDOs) that specify AAA key management. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.
What “Best Current Practice” means
A Best Current Practice document records the IETF community's recommended operational or procedural practice rather than a protocol specification.
The canonical text of RFC 4962 is hosted at rfc-editor.org. Available in TXT, HTML.