Cryptographically Generated Addresses
RFC 3972, “Cryptographically Generated Addresses”, is a Proposed Standard document published in March 2005 by T. Aura. It has since been updated by RFC 4581, RFC 4982. The canonical text is published by the RFC Editor.
Abstract
This document describes a method for binding a public signature key to an IPv6 address in the Secure Neighbor Discovery (SEND) protocol. Cryptographically Generated Addresses (CGA) are IPv6 addresses for which the interface identifier is generated by computing a cryptographic one-way hash function from a public key and auxiliary parameters. The binding between the public key and the address can be verified by re-computing the hash value and by comparing the hash with the interface identifier. Messages sent from an IPv6 address can be protected by attaching the public key and auxiliary parameters and by signing the message with the corresponding private key. The protection works without a certification authority or any security infrastructure. [STANDARDS-TRACK]
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 3972 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 3971 SEcure Neighbor Discovery
- RFC 3973 Protocol Independent Multicast - Dense Mode : Protocol Specification
- RFC 3970 A Traffic Engineering MIB
- RFC 3974 SMTP Operational Experience in Mixed IPv4/v6 Environments
- RFC 3975 OMA-IETF Standardization Collaboration
- RFC 3976 Interworking SIP and Intelligent Network Applications
- RFC 3967 Clarifying when Standards Track Documents may Refer Normatively to Documents at a Lower Level
- RFC 3978 IETF Rights in Contributions