Cryptographically Generated Addresses (CGA)
Draft of message to be sent after approval:
From: The IESG <email@example.com> To: IETF-Announce <firstname.lastname@example.org> Cc: Internet Architecture Board <email@example.com>, RFC Editor <firstname.lastname@example.org>, send mailing list <email@example.com>, send chair <firstname.lastname@example.org> Subject: Protocol Action: 'Cryptographically Generated Addresses (CGA)' to Proposed Standard The IESG has approved the following document: - 'Cryptographically Generated Addresses (CGA) ' <draft-ietf-send-cga-07.txt> as a Proposed Standard This document is the product of the Securing Neighbor Discovery Working Group. The IESG contact persons are Margaret Wasserman and Mark Townsley. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-send-cga-07.txt
Technical Summary This document describes a method for binding a public signature key to an IPv6 address in the Secure Neighbor Discovery (SEND) protocol. Cryptographically Generated Addresses (CGA) are IPv6 addresses where the interface identifier is generated by computing a cryptographic one-way hash function from a public key and auxiliary parameters. The binding between the public key and the address can be verified by re-computing the hash value and by comparing the hash with the interface identifier. Messages sent from an IPv6 address can be protected by attaching the public key and auxiliary parameters and by signing the message with the corresponding private key. The protection works without a certification authority or other security infrastructure. Working Group Summary This document is the work output of the SEND WG. It reflects updates to address last call review comments from Pekka Savola. Protocol Quality This document was reviewed for the IESG by Margaret Wasserman.