A SAVI Solution for WLAN
draft-bi-intarea-savi-wlan-01
Document | Type |
This is an older version of an Internet-Draft whose latest revision state is "Active".
Expired & archived
|
|
---|---|---|---|
Authors | Mingwei Xu , Jianping Wu , Tao Lin , Lin He , You Wang | ||
Last updated | 2024-01-06 (Latest revision 2023-07-05) | ||
Replaces | draft-bi-savi-wlan | ||
RFC stream | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Expired | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document describes a source address validation solution for WLANs where 802.11i or other security mechanisms are enabled to secure MAC addresses. This mechanism snoops NDP and DHCP packets to bind IP addresses to MAC addresses, and relies on the security of MAC addresses guaranteed by 802.11i or other mechanisms to filter IP spoofing packets. It can work in the special situations described in the charter of SAVI (Source Address Validation Improvements) workgroup, such as multiple MAC addresses on one interface. This document describes three different deployment scenarios, with solutions for migration of binding entries when hosts move from one access point to another.
Authors
Mingwei Xu
Jianping Wu
Tao Lin
Lin He
You Wang
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)