Mobile IPv6 Security Framework Using Transport Layer Security for Communication between the Mobile Node and Home Agent

Approval announcement
Draft of message to be sent after approval:

From: The IESG <>
To: IETF-Announce <>
Cc: RFC Editor <>,
    mext mailing list <>,
    mext chair <>
Subject: Document Action: 'Transport Layer Security-based Mobile IPv6 Security Framework for Mobile Node to Home Agent Communication' to Experimental RFC (draft-ietf-mext-mip6-tls-05.txt)

The IESG has approved the following document:
- 'Transport Layer Security-based Mobile IPv6 Security Framework for
   Mobile Node to Home Agent Communication'
  (draft-ietf-mext-mip6-tls-05.txt) as an Experimental RFC

This document is the product of the Mobility EXTensions for IPv6 Working

The IESG contact persons are Jari Arkko and Ralph Droms.

A URL of this Internet Draft is:

Technical Summary

  Mobile IPv6 signaling between a mobile node and its home agent is
  secured using IPsec.  The security association between a mobile node
  and the home agent is established using IKEv1 or IKEv2.  The security
  model specified for Mobile IPv6, which relies on IKE/IPsec, requires
  interaction between the Mobile IPv6 protocol component and the IKE/
  IPsec module of the IP stack.  This document proposes an alternate
  security framework for Mobile IPv6 and Dual-Stack Mobile IPv6, which
  relies on Transport Layer Security for establishing keying material
  and other bootstrapping parameters required to protect Mobile IPv6
  signaling and data traffic between the mobile node and home agent.

Working Group Summary

    This document has been discussed in the WG over 2+ years and
    there is general consensus on adopting the proposed solution on
    an experimental basis. The I-D does not deprecate the IPsec based
    security mechanism which is the default. Instead it proposes an
    alternative scheme which enables ease of deployment.

Document Quality

    There is at least one known implementation of the protocol. This
    implementation has been done on the Nokia N900 device as well as
    Ubuntu and Debian linux platforms. The implementation has been
    shown at previous IETF meetings.

    All reviewers who have helped improve the document have been
    acknowledged in the I-D.


   The responsible Area Director is Jari Arkko. There is no Document