Pre-Shared Key (PSK) Based Addresses (PBA)
draft-narayanan-psk-addr-gen-00
| Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
|---|---|---|---|
| Authors | Narayanan Venkitaraman , Vidya Narayanan | ||
| Last updated | 2006-02-13 | ||
| RFC stream | (None) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
Cryptographically generated addresses (CGAs) provide a means of generating an IP address that is tied to a public key of a node. Using this means, the address ownership of the node can be verified by using the public key of the node to decrypt data signed by the node using its private key. In AAA-based systems, there is currently no means of performing such absolute address ownership checks, since address authorization is traditionally outside the scope of AAA. However, in some key generation protocols, it may be critical to perform address ownership verification or authorization before the generated key can be used. When such key generation protocols are AAA-based, there is no known method of address authorization to allow this operation. This draft provides a means of IPv6 address generation using a shared secret so that the IP address of a node can be verified by the entity with which the node shares the secret.
Authors
Narayanan Venkitaraman
Vidya Narayanan
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)