Skip to main content

Distributing a Symmetric FMIPv6 Handover Key using SEND

Document Type Replaced Internet-Draft (individual)
Expired & archived
Authors James Kempf , Rajeev Koodli
Last updated 2008-03-03 (Latest revision 2006-05-30)
Replaced by RFC 5269
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-ietf-mipshop-handover-key
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


Fast Mobile IPv6 requires that a Fast Binding Update is secured using a security association shared between an Access Router and a Mobile Node in order to avoid certain attacks. In this document, a method for distributing a shared key to secure this signaling is defined. The method utilizes the RSA public key that the Mobile Node used to generate its Cryptographically Generated Address in SEND. The RSA public key is used to encrypt a shared key sent from the Access Router to the Mobile Node prior to handover. The ability of the Mobile Node to decrypt the shared key verifies its possession of the private key corresponding to the CGA public key used to generate the address. This allows the Mobile Node to use the shared key to sign and authorize the routing changes triggered by the Fast Binding Update.


James Kempf
Rajeev Koodli

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)