Selection of MIPv6 Security Level Using a Hashed Address
draft-arkko-mipv6-select-hash-00
Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Authors | Jari Arkko , Pekka Nikander , Gabriel Montenegro | ||
Last updated | 2002-06-26 | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Expired | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
MIPv6 is being defined with a security solution called Return Routability (RR) that does not need any authentication infrastructure. Given that the solution is 'infrastructureless' in this manner, it isn't very easy to control the solution once it is widely deployed. In particular, it isn't clear how the solution could be changed to a new solution, should that ever become necessary. Peers should be able to agree about the use the new solution in a secure manner, without Man- in-the-Middle attackers from being able to mount a Bidding Down attack and downgrade the security back to the original solution. This draft specifies a simple but secure scheme which allows nodes to choose what security solution they use. One currently known drawback of this scheme is that it is based on a technology that has IPR considera tions.
Authors
Jari Arkko
Pekka Nikander
Gabriel Montenegro
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)