Threats for Basic Network Mobility Support (NEMO threats)

Document Type Expired Internet-Draft (individual)
Author Alexandre Petrescu 
Last updated 2004-01-12
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document describes security threats related to the network mobility base protocol (NEMO). Threats of Mobile IPv6 for Mobile Hosts are only briefly touched when in need of support of related NEMO threats. The NEMO signalling between MR and HA, as well as the forwarding information at HA and nested mobility configurations are considered to be the main sensitive points of the protocol. Existing tools of Mobile IPv6 protection between MH and HA (IPsec), dynamic routing protocol authentication, NEMO prefix table, ingress filtering checks at HA and tunnel encapsulation limiting are presented as protocol features affording protection against threats. NEMO threats for which there are no protections are briefly mentioned.


Alexandre Petrescu (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)