Address-Protected Neighbor Discovery for Low-Power and Lossy Networks
RFC 8928, “Address-Protected Neighbor Discovery for Low-Power and Lossy Networks”, is a Proposed Standard document published in November 2020 by P. Thubert, B. Sarikaya, M. Sethi, R. Struik. It updates RFC 8505. It has since been updated by RFC 9926, RFC 9927. The canonical text is published by the RFC Editor.
Abstract
This document updates the IPv6 over Low-Power Wireless Personal Area Network (6LoWPAN) Neighbor Discovery (ND) protocol defined in RFCs 6775 and 8505. The new extension is called Address-Protected Neighbor Discovery (AP-ND), and it protects the owner of an address against address theft and impersonation attacks in a Low-Power and Lossy Network (LLN). Nodes supporting this extension compute a cryptographic identifier (Crypto-ID), and use it with one or more of their Registered Addresses. The Crypto-ID identifies the owner of the Registered Address and can be used to provide proof of ownership of the Registered Addresses. Once an address is registered with the Crypto-ID and a proof of ownership is provided, only the owner of that address can modify the registration information, thereby enforcing Source Address Validation.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 8928 is hosted at rfc-editor.org. Available in HTML,TXT,PDF,XML.
- RFC 8927 JSON Type Definition
- RFC 8929 IPv6 Backbone Router
- RFC 8926 Geneve: Generic Network Virtualization Encapsulation
- RFC 8930 On Forwarding 6LoWPAN Fragments over a Multi-Hop IPv6 Network
- RFC 8925 IPv6-Only Preferred Option for DHCPv4
- RFC 8931 IPv6 over Low-Power Wireless Personal Area Network Selective Fragment Recovery
- RFC 8924 Service Function Chaining Operations, Administration, and Maintenance Framework
- RFC 8932 Recommendations for DNS Privacy Service Operators