database logo graphic

RFC 6496

"Secure Proxy ND Support for SEcure Neighbor Discovery (SEND)", February 2012

Canonical URL:
http://www.rfc-editor.org/rfc/rfc6496.txt
This document is also available in this non-normative format: PDF.
Status:
EXPERIMENTAL
Authors:
S. Krishnan
J. Laganier
M. Bonola
A. Garcia-Martinez
Stream:
IETF
Source:
csi (int)

Cite this RFC: TXT  |  XML

Other actions: Find Errata (if any)  |  Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

SEcure Neighbor Discovery (SEND) specifies a method for securing Neighbor Discovery (ND) signaling against specific threats. As defined today, SEND assumes that the node sending an ND message is the owner of the address from which the message is sent and/or possesses a key that authorizes the node to act as a router, so that it is in possession of the private key or keys used to generate the digital signature on each message. This means that the Proxy ND signaling performed by nodes that do not possess knowledge of the address owner's private key and/or knowledge of a router's key cannot be secured using SEND. This document extends the current SEND specification in order to secure Proxy ND operation. This document defines an Experimental Protocol for the Internet community.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Go to the RFC Editor Homepage.