Secure Neighbor Discovery using separate CGA extension header
Ericsson Research Nomadiclab
The Secure Neighbor Discovery (SEND) Working Group has produced an Internet Draft that proposes to use an IPsec AH header that carries both a public key and a signature. However, based on the recent discussion at the mailing lists it seems that such a usage of AH is considered inappropriate at least by some members of the IPSEC WG. In this draft we introduce an alternative method, where a separate extension header is used to carry the public key, and the AH header only contains a signature.