Skip to main content

Verification of Care-of Addresses in Multiple Bindings Registration

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Benjamin Lim , Chan-Wah Ng , Keigo Aso , Suresh Krishnan
Last updated 2008-07-10
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


Using multiple care-of address registration, there is a possibility that a malicious mobile node could create multiple care-of address bindings that does not belong to the mobile node at its home agent. The home agent would accept these bindings without verifying them due to the trust relationship it has with the mobile node. With these bindings, the mobile node can launch attacks by asking the home agent to flood the victims of these care-of addresses with useless packets. To mitigate such a problem, this memo introduces a few possible verification mechanisms that the home agent would use in order to verify the care-of addresses for the mobile node before using them for packet routing.


Benjamin Lim
Chan-Wah Ng
Keigo Aso
Suresh Krishnan

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)