1 - 3 - 6 - 8 - 9 - A - B - C - D - E - F - G - H - I - K - L - M - N - O - P - R - S - T - U - V - W
mobility message
Click on the red underlined text to get to the source
... Binding Acknowledgment messages between the Mobile Node and Home
Agent using a mobility message authentication option that is included
in these messages. Such a mechanism enables IPv6 mobility ...
... Binding
Acknowledgement messages (between MN-HA) are secured with the
mobility message authentication option.
...
...
The mobility message authentication option specified in Section 5 is
applicable in certain types of networks ...
... is between the MN and a backend authentication server, the mobility
message authentication option is desirable.
...
... extensions in the core. It should be noted that the out-of-band
mechanism is not within the scope of the mobility message
authentication option (Section 5) and hence is not described therein.
...
... HA requires more
signaling messages compared with the use of an mobility message
authentication option carried in the BU/BA messages ...
... Route Optimization and Mobile Prefix Discovery should not be used
when using the mobility message authentication option.
...
... | (including MN-ID option, |
| mobility message replay protection option[optional],|
| mobility message ...
... mobility message replay protection option[optional],|
| mobility message authentication option) |
| |
...
... | (including MN-ID option, |
| mobility message replay protection option[optional],|
| mobility message ...
... mobility message replay protection option[optional],|
| mobility message authentication option) |
| |
...
... replay protection.
The mobility message authentication option described in Section 5 may
be used by the Mobile Node ...
...
This section defines a mobility message authentication option that
may be used to secure Binding Update ...
... may be defined for use in the future.
Only one instance of a mobility message authentication option of a
particular subtype can be present in the message. One message may
...
... authentication option of a
particular subtype can be present in the message. One message may
contain multiple instances of the mobility message authentication
option with different subtype values. If both MN-HA and MN-AAA ...
... Binding Update or Binding Acknowledgement is received without
a mobility message authentication option and the entity receiving ...
... entity receiving it
is configured to use the mobility message authentication option or
has the shared-key-based ...
... shared-key-based mobility security association for the
mobility message authentication option, the entity should silently
discard ...
... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2: Mobility Message Authentication Option
...
...
The format of the MN-HA mobility message authentication option is as
defined in Figure 2. This option uses the subtype value of 1. The
...
... defined in Figure 2. This option uses the subtype value of 1. The
MN-HA mobility message authentication option is used to authenticate
...
...
The MN-HA mobility message authentication option MUST be the last
option in a message with a mobility header ...
... authentication option MUST be the last
option in a message with a mobility header if it is the only mobility
message authentication option in the message.
...
...
The format of the MN-AAA mobility message authentication option is as
defined in Figure 2. This option uses the subtype value of 2. The
...
...
The MN-AAA mobility message authentication option must be the last
option in a message with a mobility header ...
... mobility header. The corresponding
response MUST include the MN-HA mobility message authentication
option, and MUST NOT include the MN-AAA mobility message ...
... mobility message authentication
option, and MUST NOT include the MN-AAA mobility message
authentication option.
...
... channel. Specifically, a BU with the MN-AAA mobility
message authentication option is authenticated via a home AAA server ...
... Binding Update with the MN-AAA
mobility message authentication option, the Binding Update is
...
... Mobility Message Replay Protection Option ...
...
The Mobility message replay protection option MAY be used in Binding
Update/Binding Acknowledgement ...
... Binding Acknowledgement messages when authenticated using the
mobility message authentication option as described in Section 5.
...
... authentication option as described in Section 5.
The mobility message replay protection option is used to let the Home
Agent verify that a Binding Update ...
... Binding Update has been
authenticated. The mobility message replay protection option when
included is used by the Mobile Node ...
...
When the Home Agent receives the mobility message replay protection
option in Binding Update ...
... replay protection
option in Binding Update, it MUST include the mobility message replay
protection option in Binding Acknowledgement. Appendix A provides
...
... replay
protection option in Binding Acknowledgement. Appendix A provides
details regarding why the mobility message replay protection option
MAY be used when using the authentication option ...
... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 3: Mobility Message Replay Protection Option
...
... Binding Update and Binding
Acknowledgement messages. The MN-AAA mobility message authentication
option provide for authentication with AAA infrastructure ...
... Binding Update is not used if this mechanism is
used. This memo defines the timestamp option to be used for mobility
message replay protection.
...
... Appendix A. Rationale for Mobility Message Replay Protection Option ...
... RFC3775].
Thus, this specification uses the mobility message replay protection
option to prevent replay attacks ...