Threats for Basic Network Mobility Support (NEMO threats)
draft-petrescu-nemo-threats-01
| Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
|---|---|---|---|
| Author | Alexandre Petrescu | ||
| Last updated | 2004-01-12 | ||
| RFC stream | (None) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document describes security threats related to the network mobility base protocol (NEMO). Threats of Mobile IPv6 for Mobile Hosts are only briefly touched when in need of support of related NEMO threats. The NEMO signalling between MR and HA, as well as the forwarding information at HA and nested mobility configurations are considered to be the main sensitive points of the protocol. Existing tools of Mobile IPv6 protection between MH and HA (IPsec), dynamic routing protocol authentication, NEMO prefix table, ingress filtering checks at HA and tunnel encapsulation limiting are presented as protocol features affording protection against threats. NEMO threats for which there are no protections are briefly mentioned.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)