NAI Extension

NAI Extension

The Network Access Identifier (NAI) extension, also referred to as the MN-NAI extension, provides a way for an MN to identify itself to a foreign network, along with the identity verification infrastructure which can be queried to authenticate the user—and possibly obtain other information useful to set up the session, such as security keys and QoS or service charging parameters. To achieve this, the NAI extension is included in the MS's registration request. The NAI itself, carried in the NAI extension, defines a format for the user identity (described in [RFC2486]) in the form user@domain. The user component provides a user identity and the domain component the identity of a verification infrastructure that can be used to verify the user identity. The user identity must be unique within the "domain." The NAI extension is described in [RFC2794], which obsoletes [RFC2290]. Its format is shown in Figure A.4.

Figure A.4: NAI extension format.

If the NAI is used to identify the MS, then the foreign network does not require its home address, so the MS without a home address can still be positively authenticated by the network. In this case the Home Address field in the registration request message is set to 0, which would signal the need to assign a home address to the MS. The home address is then included in the registration reply from the FA or HA. As such, the NAI extension allows not only for roaming support but also for the support of dynamic home address assignment. The NAI is included in the registration request before the MN-HA and MN-FA extensions.