Port Control Protocol (PCP) Authentication Mechanism, September 2015
- File formats:
- PROPOSED STANDARD
- RFC 6887
- M. Cullen
- pcp (int)
Discuss this RFC: Send questions or comments to the mailing list [email protected]
An IPv4 or IPv6 host can use the Port Control Protocol (PCP) to flexibly manage the IP address-mapping and port-mapping information on Network Address Translators (NATs) or firewalls to facilitate communication with remote hosts. However, the uncontrolled generation or deletion of IP address mappings on such network devices may cause security risks and should be avoided. In some cases, the client may need to prove that it is authorized to modify, create, or delete PCP mappings. This document describes an in-band authentication mechanism for PCP that can be used in those cases. The Extensible Authentication Protocol (EAP) is used to perform authentication between PCP devices.
This document updates RFC 6887.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.