Security Assessment of Neighbor Discovery (ND) for IPv6
draft-ietf-opsec-ipv6-nd-security-00
| Document | Type | Expired Internet-Draft (opsec WG) | |
|---|---|---|---|
| Last updated | 2014-04-25 (latest revision 2013-10-22) | ||
| Stream | IETF | ||
| Intended RFC status | (None) | ||
| Formats |
Expired & archived
pdf
htmlized
bibtex
|
||
| Stream | WG state | WG Document | |
| Document shepherd | No shepherd assigned | ||
| IESG | IESG state | Expired | |
| Consensus Boilerplate | Unknown | ||
| Telechat date | |||
| Responsible AD | (None) | ||
| Send notices to | (None) | ||
https://www.ietf.org/archive/id/draft-ietf-opsec-ipv6-nd-security-00.txt
Abstract
Neighbor Discovery is one of the core protocols of the IPv6 suite, and provides in IPv6 similar functions to those provided in the IPv4 protocol suite by the Address Resolution Protocol (ARP) and the Internet Control Message Protocol (ICMP). Its increased flexibility implies a somewhat increased complexity, which has resulted in a number of bugs and vulnerabilities found in popular implementations. This document provides guidance in the implementation of Neighbor Discovery, and documents issues that have affected popular implementations, in the hopes that the same issues do not repeat in other implementations.
Authors
Fernando Gont
(fgont@si6networks.com)
Ron Bonica
(rbonica@juniper.net)
Will LIU
(liushucheng@huawei.com)
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)