1 - 3 - 6 - 8 - 9 - A - B - C - D - E - F - G - H - I - K - L - M - N - O - P - R - S - T - U - V - W
Authentication option
Click on the red underlined text to get to the source
... Mobile Node and Home
Agent using a mobility message authentication option that is included
in these messages. Such a mechanism enables IPv6 mobility in a host ...
... MN-HA) are secured with the
mobility message authentication option.
The authentication mechanism ...
...
The mobility message authentication option specified in Section 5 is
applicable in certain types of networks that have the following
...
... MN and a backend authentication server, the mobility
message authentication option is desirable.
- In certain deployment ...
... mechanism is not within the scope of the mobility message
authentication option (Section 5) and hence is not described therein.
- Network ...
... signaling messages compared with the use of an mobility message
authentication option carried in the BU/BA messages.
...
... Mobile Prefix Discovery should not be used
when using the mobility message authentication option.
...
...
The mobility message authentication option described in Section 5 may
be used by the Mobile Node to transfer authentication data ...
...
This section defines a mobility message authentication option that
may be used to secure Binding Update and Binding Acknowledgement ...
...
Only one instance of a mobility message authentication option of a
particular subtype can be present in the message. One message may
contain multiple instances of the mobility message ...
... particular subtype can be present in the message. One message may
contain multiple instances of the mobility message authentication
option with different subtype values. If both MN-HA and MN-AAA
...
... authentication options are present, the MN-HA authentication option
must be present before the MN-AAA authentication option ...
... authentication option
must be present before the MN-AAA authentication option (else, the HA
MUST discard the message).
...
... Binding Acknowledgement is received without
a mobility message authentication option and the entity receiving it
...
... receiving it
is configured to use the mobility message authentication option or
has the shared-key-based mobility security association ...
... mobility security association for the
mobility message authentication option, the entity should silently
discard the received message.
...
... The format of the MN-HA mobility message authentication option is as
defined in Figure 2. This option uses the subtype value of 1. The
MN-HA ...
... The MN-HA mobility message authentication option MUST be the last
option in a message with a mobility header if it is the only mobility
message ...
... option in a message with a mobility header if it is the only mobility
message authentication option in the message.
The authentication data ...
... The format of the MN-AAA mobility message authentication option is as
defined in Figure 2. This option uses the subtype value of 2. The
MN-AAA ...
... The MN-AAA mobility message authentication option must be the last
option in a message with a mobility header. The corresponding
...
... response MUST include the MN-HA mobility message authentication
option, and MUST NOT include the MN-AAA mobility message
...
... The use of the MN-AAA mobility message authentication option assumes
that AAA entities at the home site communicate with the HA ...
... BU with the MN-AAA mobility
message authentication option is authenticated via a home AAA server.
...
... authenticated using the
mobility message authentication option as described in Section 5.
The mobility message ...
... mobility message replay protection option
MAY be used when using the authentication option.
0 1 2 3
...
... Binding
Acknowledgement messages. The MN-AAA mobility message authentication
option provide for authentication with AAA infrastructure.
...
... binding cache entry for the Mobile Node. Thus, when
authentication option is used, Sequence Number does not provide
protection against ...