1 - 3 - 6 - 8 - 9 - A - B - C - D - E - F - G - H - I - K - L - M - N - O - P - R - S - T - U - V - W
binding update
Click on the red underlined text to get to the source
... Mobile IPv6 specification [RFC3775] specifies the signaling
messages, Binding Update (BU) and Binding Acknowledgement (BA ...
... these two entities.
This document proposes a solution for securing the Binding Update and
Binding Acknowledgment messages between the Mobile Node ...
... Mobile IPv6 without having to integrate it
with the IPsec module, in which case the Binding Update and Binding
Acknowledgement messages (between MN-HA) are secured with the
...
... mobility message authentication option that
may be used to secure Binding Update and Binding Acknowledgement
messages. This option can be used along with IPsec ...
... IPsec or preferably as
an alternate mechanism to authenticate Binding Update and Binding
Acknowledgement messages in the absence of IPsec.
...
... MUST discard the message).
When a Binding Update or Binding Acknowledgement is received without
a mobility message ...
... authentication option is used to authenticate
the Binding Update and Binding Acknowledgement messages based on the
shared-key-based ...
... mobility option is used to authenticate the
Binding Update message based on the shared mobility security
association between the Mobile Node and AAA server ...
... mobility security association, HA drops
the Binding Update. HA may log the message for administrative
action.
...
... The Mobility message replay protection option MAY be used in Binding
Update/Binding Acknowledgement messages when authenticated using the
...
... mobility message replay protection option is used to let the Home
Agent verify that a Binding Update has been freshly generated by the
Mobile Node and not replayed by an attacker ...
... Mobile Node and not replayed by an attacker from some previous
Binding Update. This is especially useful for cases where the Home
Agent does not maintain stateful information about the Mobile Node
...
... Home Agent does the
replay protection check after the Binding Update has been
authenticated. The mobility message ...
... sequence number in the Mobility Header in
Binding Update) and the Binding Update from the Mobile Node does not
...
... Mobility Header in
Binding Update) and the Binding Update from the Mobile Node does not
include this option, the Home Agent ...
... mobility message replay protection
option in Binding Update, it MUST include the mobility message replay
protection option in Binding Acknowledgement ...
... timestamps, the 64-bit timestamp used in a Binding Update from
the Mobile Node MUST be greater than that used in any previous
...
... the Mobile Node MUST be greater than that used in any previous
successful Binding Update.
After successful authentication ...
...
After successful authentication of Binding Update (either locally at
the Home Agent or when a success indication is received from the AAA
server ...
... Mobile Node MUST adjust its timestamp
and send subsequent Binding Update using the updated value.
Upon receiving ...
... IPsec). The new options
provide for authentication of Binding Update and Binding
Acknowledgement messages. The MN-AAA mobility message ...
... mechanism in Section 6, to prevent replay attacks. The sequence
number field in the Binding Update is not used if this mechanism is
used. This memo defines the timestamp option to be used for mobility
message ...
... Sequence Number greater than the Sequence Number from the
previous Binding Update. This implicitly assumes that the Home Agent
has some information regarding the Sequence Number ...
... binding cache
entry for the indicated home address, it MUST accept any Sequence
Number value in a received Binding Update from this Mobile Node.
...