Re: Fwd: Minutes / Notes

[Pekka Nikander <pekka.nikander@nomadiclab.com>]

marcelo bagnulo wrote:
> For the source endpoint information, i am not sure
> I think that carrying the source identifier would make more sense, since it
> identifies the other endd of the communication. 
Carrying a source identifier is harmful.  For our argument, see

Catharina Candolin and Pekka Nikander, "IPv6 Source Addresses Considered 
Harmful," in Hanne Riis Nielson (ed.), Proceedings of NordSec 2001, 
Sixth Nordoc Workshop on Secure IT Systems,  November 1-2, Lyngby, 
Denmark, Technical Report IMM-TR-2001-14, pp. 54-68, Technical 
University of Denmark, November 2001.

http://www.tml.hut.fi/~pnr/publications/nordsec2001.pdf

> This would also allow to
> configure filters depending on the source identifier making things like
> renumbering easier. The first problem that i find with this option is that
> you cannot send error messages back to the source (since there is no locator
> of the source) when there is a problem and additional mechanisms are needed
> to perform reverse mapping in this situation.
Error messages (ICMP, congestion notification) are about the only
reason why you should have any kind of source names in the average
packets once you make the id/loc separation.

In fact, IMHO it would make most sense to *record* the source *path*
to the packets, somewhat ala itrace, if the id/loc separation is
made.  That would allow one to trace back DoS packets.

(Note that all of the above discussed *generic* packets.  It is a
different issue with the very first packet send by a host to another,
and in any packets that affect the id->locs binding.

--Pekka Nikander