IPv6 Neighbor Discovery Trust Models and Threats
RFC 3756, “IPv6 Neighbor Discovery Trust Models and Threats”, is an Informational document published in May 2004 by P. Nikander, J. Kempf, E. Nordmark. The canonical text is published by the RFC Editor.
Abstract
The existing IETF standards specify that IPv6 Neighbor Discovery (ND) and Address Autoconfiguration mechanisms may be protected with IPsec Authentication Header (AH). However, the current specifications limit the security solutions to manual keying due to practical problems faced with automatic key management. This document specifies three different trust models and discusses the threats pertinent to IPv6 Neighbor Discovery. The purpose of this discussion is to define the requirements for Securing IPv6 Neighbor Discovery. This memo provides information for the Internet community.
What “Informational” means
Published for the general information of the community. It does not define an IETF standard and carries no standards-track status.
The canonical text of RFC 3756 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 3755 Legacy Resolver Compatibility for Delegation Signer
- RFC 3757 Domain Name System KEY Resource Record Secure Entry Point Flag
- RFC 3754 IP Multicast in Differentiated Services Networks
- RFC 3758 Stream Control Transmission Protocol Partial Reliability Extension
- RFC 3753 Mobility Related Terminology
- RFC 3759 RObust Header Compression : Terminology and Channel Mapping Examples
- RFC 3752 Open Pluggable Edge Services Use Cases and Deployment Scenarios
- RFC 3760 Securely Available Credentials - Credential Server Framework