SEcure Neighbor Discovery
RFC 3971, “SEcure Neighbor Discovery”, is a Proposed Standard document published in March 2005 by J. Arkko, J. Kempf, B. Zill, P. Nikander. It has since been updated by RFC 6494, RFC 6495, RFC 6980. The canonical text is published by the RFC Editor.
Abstract
IPv6 nodes use the Neighbor Discovery Protocol (NDP) to discover other nodes on the link, to determine their link-layer addresses to find routers, and to maintain reachability information about the paths to active neighbors. If not secured, NDP is vulnerable to various attacks. This document specifies security mechanisms for NDP. Unlike those in the original NDP specifications, these mechanisms do not use IPsec. [STANDARDS-TRACK]
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 3971 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 3970 A Traffic Engineering MIB
- RFC 3972 Cryptographically Generated Addresses
- RFC 3973 Protocol Independent Multicast - Dense Mode : Protocol Specification
- RFC 3974 SMTP Operational Experience in Mixed IPv4/v6 Environments
- RFC 3967 Clarifying when Standards Track Documents may Refer Normatively to Documents at a Lower Level
- RFC 3975 OMA-IETF Standardization Collaboration
- RFC 3976 Interworking SIP and Intelligent Network Applications
- RFC 3978 IETF Rights in Contributions