Selection of MIPv6 Security Level Using a Hashed Address
Ericsson
Ericsson
SUN Microsystems
MIPv6 is being defined with a security solution called Return Routability (RR) that does not need any authentication infrastructure. Given that the solution is 'infrastructureless' in this manner, it isn't very easy to control the solution once it is widely deployed. In particular, it isn't clear how the solution could be changed to a new solution, should that ever become necessary. Peers should be able to agree about the use the new solution in a secure manner, without Man- in-the-Middle attackers from being able to mount a Bidding Down attack and downgrade the security back to the original solution. This draft specifies a simple but secure scheme which allows nodes to choose what security solution they use. One currently known drawback of this scheme is that it is based on a technology that has IPR considera tions.