SEcure Neighbor Discovery (SEND)
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org>
To: IETF-Announce <email@example.com>
Cc: Internet Architecture Board <firstname.lastname@example.org>, RFC Editor <email@example.com>, send mailing list <firstname.lastname@example.org>, send chair <email@example.com>
Subject: Protocol Action: 'SEcure Neighbor Discovery (SEND)' to Proposed Standard

The IESG has approved the following document:

- 'SEcure Neighbor Discovery (SEND)' <draft-ietf-send-ndopt-07.txt> as a Proposed Standard

This document is the product of the Securing Neighbor Discovery Working Group.

The IESG contact persons are Margaret Wasserman and Mark Townsley.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-send-ndopt-07.txt
Technical Summary

IPv6 nodes use the Neighbor Discovery Protocol (NDP) to discover other nodes on the link, to determine the link-layer addresses of other nodes on the link, to find routers, and to maintain reachability information about the paths to active neighbors. If not secured, NDP is vulnerable to various attacks. This document specifies security mechanisms for NDP. Unlike the original NDP specifications, these mechanisms do not make use of IPsec.

Working Group Summary

The only major issue in the WG about this document was that both Microsoft and Ericsson declared that they had IPR on CGA technology. This issue was resolved after license conditions agreeable to the WG participants and suitable for public domain software were posted by the respective companies. Before this, the WG briefly investigated an alternative that would have required the configuration of hosts with certificates, which might have resulted in deployment problems.

Another significant issue in the WG concerned the design of the protocol and whether it should be based on IPsec AH or stand on its own. After documenting the alternatives and comparing their pros and cons, the consensus of the WG was to use an ND options based approach instead of IPsec. The benefits of this approach were the lack of impact on the IPsec architecture and implementations, and a better ability to make security decisions based on application state. This is important, for instance, for the co-existence of SEND and insecure ND on the same link.

A minor issue involved how to represent the authorization for routers to route a certain prefix. The WG originally favored attribute certificates, but since the PKIX WG was planning on defining an identity certificate extension for this purpose, the WG decided to go with the IP address range extension in draft-ietf-pkix-x509-ipaddr-as-extn-03.txt. Note that this creates a normative dependency on that draft, and it would be helpful if we could get that draft to advance as quickly as possible (or alternatively figure out a way to remove the normative dependency), since there is a market window on how long before it becomes too late for SEND to achieve widespread deployment, and having an officially published RFC is important for implementors.

Protocol Quality

The basic protocol design has been implemented on Linux. That implementation was used to fine tune the design, and the results of the fine tuning went into the final draft.

This document was reviewed for the IESG by Margaret Wasserman.