Selection of MIPv6 Security Level Using a Hashed Address

Document Type Expired Internet-Draft (individual)
Authors Jari Arkko  , Pekka Nikander  , Gabriel Montenegro 
Last updated 2002-06-26
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


MIPv6 is being defined with a security solution called Return Routability (RR) that does not need any authentication infrastructure. Given that the solution is 'infrastructureless' in this manner, it isn't very easy to control the solution once it is widely deployed. In particular, it isn't clear how the solution could be changed to a new solution, should that ever become necessary. Peers should be able to agree about the use the new solution in a secure manner, without Man- in-the-Middle attackers from being able to mount a Bidding Down attack and downgrade the security back to the original solution. This draft specifies a simple but secure scheme which allows nodes to choose what security solution they use. One currently known drawback of this scheme is that it is based on a technology that has IPR considera­ tions.


Jari Arkko (
Pekka Nikander (
Gabriel Montenegro (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)