Secure Proxy ND Support for SEcure Neighbor Discovery (SEND), February 2012
- Canonical URL:
- File formats:
- S. Krishnan
- csi (int)
SEcure Neighbor Discovery (SEND) specifies a method for securing Neighbor Discovery (ND) signaling against specific threats. As defined today, SEND assumes that the node sending an ND message is the owner of the address from which the message is sent and/or possesses a key that authorizes the node to act as a router, so that it is in possession of the private key or keys used to generate the digital signature on each message. This means that the Proxy ND signaling performed by nodes that do not possess knowledge of the address owner's private key and/or knowledge of a router's key cannot be secured using SEND. This document extends the current SEND specification in order to secure Proxy ND operation. This document defines an Experimental Protocol for the Internet community.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 4844.