90 likes | 234 Views
Secure Proxy ND Support for SEND draft-krishnan-csi-proxy-send-00. Suresh Krishnan, Julien Laganier, Marco Bonola. SEND Assumptions. ND message target address is a CGA CGA derived from a public key. Sender of ND message owns target address.
E N D
Secure Proxy ND Support for SENDdraft-krishnan-csi-proxy-send-00 Suresh Krishnan, Julien Laganier, Marco Bonola
SEND Assumptions • ND message target address is a CGA • CGA derived from a public key. • Sender of ND message owns target address. • CGA Proof-of-ownership via proving possession of the corresponding private key, i.e. signing the message. Sender of ND message is the address owner
Different types of ND proxies Sender of ND message is not the address owner • RFC3775: MIPv6 HA intercepts packet sent to a MIPv6 MN away from home by sending NAs on the behalf of the MN. • RFC4389: Bridging multiple L2 segments into one by rewriting L2 addresses in ND messages • tobeRFC5213: PMIPv6 MAG sends NAs on behalf of the PMIPv6 LMA.
Secure Proxy ND Support for SEND • Separates the roles of ownership and advertiser. • The proxy is certified as part of the trusted infrastructure • just like a SEND router. • The proxy is granted a certificate that specifies the range of addresses that it is allowed to proxy. • Hosts can use the same process to discover the certification path between a proxy and one of the host's trust anchors as the one defined for routers in RFC3971
Operation Overview • Perform all the operations performed as per existing specs (RFC3775, RFC4389, RFC5213) • ND proxy provisioned with an authorization certificate [I-D.krishnan-cgaext-send-cert-eku] • Proxy Signature option (PSO) • Modified SEND processing rules for ND messages • NA, NS, RS, RA, and Redirect • A messages with a valid PSO is considered as secure even if it doesn't contain a CGA option
Secure Proxy ND Sender Processing Rules • If the ND message is locally generated the message is constructed as per NDP [RFC4861]. • If the ND message is forwarded, the authenticity of the intercepted message is verified as per SEND [RFC3971], then the intercepted message is modified as per ND Proxy [RFC4389]. • CGA and RSA option are be removed. • Proxy Signature option is added.
Modified SEND Receiver Processing Rules • An ND message without PSO is treated as per SEND [RFC3971]. • In an ND message with PSO, CGA and RSA option are ignored, if the PSO contains a valid signature and the IP address range encompass the target address the message is considered as valid.
Backward Compatibility • Nodes that do not implement the modified receiving rules will ignore the PSO, and since RSA and CGA option were removed, the message will be treated as insecure as per SEND [RFC3971]
Thanks Questions?