Port Control Protocol Authentication Mechanism
RFC 7652, “Port Control Protocol Authentication Mechanism”, is a Proposed Standard document published in September 2015 by M. Cullen, S. Hartman, D. Zhang, T. Reddy. It updates RFC 6887. The canonical text is published by the RFC Editor.
Abstract
An IPv4 or IPv6 host can use the Port Control Protocol (PCP) to flexibly manage the IP address-mapping and port-mapping information on Network Address Translators (NATs) or firewalls to facilitate communication with remote hosts. However, the uncontrolled generation or deletion of IP address mappings on such network devices may cause security risks and should be avoided. In some cases, the client may need to prove that it is authorized to modify, create, or delete PCP mappings. This document describes an in-band authentication mechanism for PCP that can be used in those cases. The Extensible Authentication Protocol (EAP) is used to perform authentication between PCP devices.
This document updates RFC 6887.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 7652 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 7651 3GPP IP Multimedia Subsystems Option for the Internet Key Exchange Protocol Version 2
- RFC 7653 DHCPv6 Active Leasequery
- RFC 7650 A Constrained Application Protocol Usage for REsource LOcation And Discovery
- RFC 7654 Benchmarking Methodology for In-Service Software Upgrade
- RFC 7649 The Jabber Scribe Role at IETF Meetings
- RFC 7655 RTP Payload Format for G.711.0
- RFC 7648 Port Control Protocol Proxy Function
- RFC 7656 A Taxonomy of Semantics and Mechanisms for Real-Time Transport Protocol Sources