Proposal for Issue 3
The section 3.1 is modified to include the processing
details of each error code received in the Registration Reply at the Mobile
Node. This includes extraction of new challenge value when the Registration
Reply is received with the following error codes:
- UNKNOWN_CHALLENGE
- MISSING_CHALLENGE
- BAD_AUTHENTICATION
- STALE_CHALLENGE
The following text modifications are proposed in section 3.1:
Existing Text
A Mobile Node might receive an UNKNOWN_CHALLENGE error (see section 9) if it
moves to a new Foreign Agent that cannot validate the challenge provided in the
Registration Request. In such instances, the Mobile Node MUST use a new
Challenge value in any new registration, obtained either from an Agent
Advertisement, or from a Challenge extension to the Registration Reply
containing the error.
A Mobile Node that does not include a Challenge when the Mobile-Foreign
Authentication extension is present may receive a MISSING_CHALLENGE (see section
10) error. In this case, the foreign agent will not process the request from
the mobile node unless the request contains an unused Challenge.
A Mobile Node that receives a BAD_AUTHENTICATION Code value (see section 10)
SHOULD include the Mobile-AAA Authentication Extension in the next Registration
Request. This will make it possible for the Foreign Agent to use its AAA
infrastructure in order to authenticate the Mobile Node.
New Text
A Mobile Node might receive the following error codes in the Registration
Reply from the Foreign Agent as a response to the Registration Request. The
error codes are defined in section 10.
- UNKNOWN_CHALLENGE:
- This error code is set by the Mobile Node in the case
where the Mobile Node has moved to a new Foreign Agent that cannot validate the
challenge provided in the Registration Request. In such instances, the Mobile
Node MUST use a new Challenge value in any new registration, obtained either
from an Agent Advertisement, or from a Challenge extension to the Registration
Reply containing the error.
- MISSING_CHALLENGE:
- A Mobile Node that does not include a Challenge when the
Mobile-Foreign Authentication extension is present may receive a
MISSING_CHALLENGE error. In this case, the Mobile Node SHOULD send an unused
Challenge extension in the next Registration Request.
- BAD_AUTHENTICATION:
- A Mobile Node that receives a BAD_AUTHENTICATION Code
value SHOULD include the Mobile-AAA Authentication Extension in the next
Registration Request. This will make it possible for the Foreign Agent to use
its AAA infrastructure in order to authenticate the Mobile Node. In this case,
the Mobile Node MUST use a new Challenge value in any new registration, obtained
either from an Agent Advertisement, or from a Challenge extension to the
Registration Reply containing the error.
- STALE_CHALLENGE:
- If the Foreign Agent receives a Registration
Request with a Challenge extension containing a Challenge value previously used
by that mobile node, the Mobile Node MAY receive a Registration Reply to the
mobile node containing the Code value STALE_CHALLENGE. In such instances, the Mobile Node MUST use a new Challenge value in next Registration Request, obtained either from an Agent Advertisement, or from a Challenge extension to the Registration Reply containing the error.