RFC 4285:Authentication Protocol for Mobile IPv6
RFC-Ref

1 - 3 - 6 - 8 - 9 - A - B - C - D - E - F - G - H - I - K - L - M - N - O - P - R - S - T - U - V - W

binding

Click on the red underlined text to get to the source

1. Introduction
... Mobile IPv6 specification [RFC3775] specifies the signaling messages, Binding Update (BU) and Binding Acknowledgement (BA ...
... signaling messages, Binding Update (BU) and Binding Acknowledgement (BA), between the Mobile Node ...
... these two entities. This document proposes a solution for securing the Binding Update and Binding Acknowledgment messages between the Mobile Node ...
... This document proposes a solution for securing the Binding Update and Binding Acknowledgment messages between the Mobile Node and Home Agent using a mobility message ...
... Mobile IPv6 without having to integrate it with the IPsec module, in which case the Binding Update and Binding Acknowledgement messages (between MN-HA) are secured with the ...
... with the IPsec module, in which case the Binding Update and Binding Acknowledgement messages (between MN-HA) are secured with the mobility message ...


4. Operational Flow
... MN and HA in the registration process. Binding Update (BU) and Binding Acknowledgement ...
... Binding Update (BU) and Binding Acknowledgement (BA) messages are used in the registration process ...


5. Mobility Message Authentication Option
... mobility message authentication option that may be used to secure Binding Update and Binding Acknowledgement messages. This option can be used along with IPsec ...
... authentication option that may be used to secure Binding Update and Binding Acknowledgement messages. This option can be used along with IPsec or preferably as ...
... IPsec or preferably as an alternate mechanism to authenticate Binding Update and Binding Acknowledgement messages in the absence of IPsec. ...
... an alternate mechanism to authenticate Binding Update and Binding Acknowledgement messages in the absence of IPsec. ...
... MUST discard the message). When a Binding Update or Binding Acknowledgement is received without a mobility message ...
... When a Binding Update or Binding Acknowledgement is received without a mobility message authentication option ...
... authentication option is used to authenticate the Binding Update and Binding Acknowledgement messages based on the shared-key-based ...
... authenticate the Binding Update and Binding Acknowledgement messages based on the shared-key-based security association ...
... mobility option is used to authenticate the Binding Update message based on the shared mobility security association between the Mobile Node and AAA server ...
... Home network (AAAH). It is not used in Binding Acknowledgement messages. The corresponding Binding Acknowledgement messages must be authenticated ...
... AAAH). It is not used in Binding Acknowledgement messages. The corresponding Binding Acknowledgement messages must be authenticated using the MN-HA ...
... When the Home Agent receives a Binding Update with the MN-AAA mobility message ...
... mobility message authentication option, the Binding Update is authenticated by an entity ...
... In case of authentication failure, the Home Agent MUST send a Binding Acknowledgement with status code MIPV6-AUTH ...
... mobility security association, HA drops the Binding Update. HA may log the message for administrative action. ...
... Upon receiving a Binding Acknowledgement with status code MIPV6- ...
... AUTH-FAIL, the Mobile Node SHOULD stop sending new Binding Updates to the Home Agent. ...


6. Mobility Message Replay Protection Option
... The Mobility message replay protection option MAY be used in Binding Update/Binding Acknowledgement messages when authenticated using the ...
... Mobility message replay protection option MAY be used in Binding Update/Binding Acknowledgement messages when authenticated using the mobility message ...
... mobility message replay protection option is used to let the Home Agent verify that a Binding Update has been freshly generated by the Mobile Node and not replayed by an attacker ...
... Mobile Node and not replayed by an attacker from some previous Binding Update. This is especially useful for cases where the Home Agent does not maintain stateful information about the Mobile Node ...
... Home Agent does not maintain stateful information about the Mobile Node after the binding entry has been removed. The Home Agent does the ...
... Home Agent does the replay protection check after the Binding Update has been authenticated. The mobility message ...
... sequence number in the Mobility Header in Binding Update) and the Binding Update from the Mobile Node does not ...
... Mobility Header in Binding Update) and the Binding Update from the Mobile Node does not include this option, the Home Agent ...
... mobility message replay protection option in Binding Update, it MUST include the mobility message replay protection option in Binding Acknowledgement ...
... Binding Update, it MUST include the mobility message replay protection option in Binding Acknowledgement. Appendix A provides details regarding why the mobility message replay protection ...
... timestamps, the 64-bit timestamp used in a Binding Update from the Mobile Node MUST be greater than that used in any previous ...
... the Mobile Node MUST be greater than that used in any previous successful Binding Update. After successful authentication ...
... After successful authentication of Binding Update (either locally at the Home Agent or when a success indication is received from the AAA server ...
... BU succeeds, the Home Agent MUST send a Binding Acknowledgement with status code MIPV6 ...
... Home Agent does not create a binding cache entry if the timestamp check fails. ...
... If the Mobile Node receives a Binding Acknowledgement with the code MIPV6-ID-MISMATCH, the Mobile Node ...
... Mobile Node MUST adjust its timestamp and send subsequent Binding Update using the updated value. Upon receiving ...


7. Security Considerations
... IPsec). The new options provide for authentication of Binding Update and Binding Acknowledgement messages. The MN-AAA mobility message ...
... provide for authentication of Binding Update and Binding Acknowledgement messages. The MN-AAA mobility message authentication option ...
... mechanism in Section 6, to prevent replay attacks. The sequence number field in the Binding Update is not used if this mechanism is used. This memo defines the timestamp option to be used for mobility message ...


11. Appendix A. Rationale for Mobility Message Replay Protection Option
... Sequence Number greater than the Sequence Number from the previous Binding Update. This implicitly assumes that the Home Agent has some information regarding the Sequence Number ...
... Sequence Number from the previous BU (even when the binding cache entry is not present). Second, the specification states that if the Home Agent has no binding cache entry ...
... binding cache entry is not present). Second, the specification states that if the Home Agent has no binding cache entry for the indicated home address, it MUST accept any Sequence Number value in a received Binding Update ...
... binding cache entry for the indicated home address, it MUST accept any Sequence Number value in a received Binding Update from this Mobile Node. ...
... Home Agent to create a binding cache entry for the Mobile Node. Thus, when authentication option ...

1 - 3 - 6 - 8 - 9 - A - B - C - D - E - F - G - H - I - K - L - M - N - O - P - R - S - T - U - V - W

Google
Web
RFC-Ref
RFC-Ref.org
Frontpage
Global Index
RFC
Sister Sites
Chess-Ref.org
Law-Ref.org
InChI.info
Zvon.org