I enjoyed the article entitled "PMIPv6: A Network-Based Localized Mobility Management Solution" in the last issue of The Internet Protocol Journal (Volume 13, No. 3, September 2010).
I believe that in the "Security Considerations" section it should be mentioned that the CSI (Cga & Send maIntenance) working group in the IETF is also working on updating the Secure Neighbor Discovery (SEND) specification (RFC 3971) to include the possibility of authenticating the proxied Neighbor Discovery (ND) messages sent between the terminal, the Mobile Access Gateway (MAG), and the Local Mobility Anchor (LMA). This configuration should work in addition to the proposed IP Security (IPsec) tunnel between the MAG and the LMA.
The reference material is available at:
—Roque Gagliano, Cisco Systems
The author responds:
Dear Ole and Roque,
Thanks for reading our article and providing these valuable comments. We agree with your point. We just considered the basic security mechanisms in our article, limiting the scope to the protocols already standardized, which cover only the protection of the MAG-LMA signaling. We agree that the efforts being carried out within the CSI working group are worth mentioning with regard to the security aspects of PMIPv6.
—Carlos J. Bernardos, Universidad Carlos III de Madrid