Technical Summary
Mobile IPv6 signaling between a mobile node and its home agent is
secured using IPsec. The security association between a mobile node
and the home agent is established using IKEv1 or IKEv2. The security
model specified for Mobile IPv6, which relies on IKE/IPsec, requires
interaction between the Mobile IPv6 protocol component and the IKE/
IPsec module of the IP stack. This document proposes an alternate
security framework for Mobile IPv6 and Dual-Stack Mobile IPv6, which
relies on Transport Layer Security for establishing keying material
and other bootstrapping parameters required to protect Mobile IPv6
signaling and data traffic between the mobile node and home agent.
Working Group Summary
This document has been discussed in the WG over 2+ years and
there is general consensus on adopting the proposed solution on
an experimental basis. The I-D does not deprecate the IPsec based
security mechanism which is the default. Instead it proposes an
alternative scheme which enables ease of deployment.
Document Quality
There is at least one known implementation of the protocol. This
implementation has been done on the Nokia N900 device as well as
Ubuntu and Debian linux platforms. The implementation has been
shown at previous IETF meetings.
All reviewers who have helped improve the document have been
acknowledged in the I-D.
Personnel
The responsible Area Director is Jari Arkko. There is no Document
Shepherd.