[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: multi6-threats-00.txt vs. MIPv6 - different strength verifications?

To: masataka ohta <mohta@necom830.hpcl.titech.ac.jp>
Subject: Re: multi6-threats-00.txt vs. MIPv6 - different strength verifications?
From: Erik Nordmark <Erik.Nordmark@sun.com>
Date: Tue, 4 Nov 2003 13:26:19 +0100 (CET)
Cc: Erik Nordmark <Erik.Nordmark@sun.com>, multi6@ops.ietf.org
In-reply-to: "Your message with ID" <3FA795B2.7090708@necom830.hpcl.titech.ac.jp>
Reply-to: Erik Nordmark <Erik.Nordmark@sun.com>

> One case where MIPv6 is no weaker than today's Internet is that
> an attacker which is on the path for a few seconds can, by modifying
> DNS answer, redirect packets for weeks.

Correct if the attacker is on the path between the host and the DNS 
infrastructure.

But part of the point is that there is a solution to make DNS more secure.
Once that is starting to get deployed it would be nice if we haven't
designed a multihoming solution which makes the network less secure again.

   Erik

Follow-Ups:
- Re: multi6-threats-00.txt vs. MIPv6 - different strength verifications?
  - From: masataka ohta <mohta@necom830.hpcl.titech.ac.jp>
- RE: multi6-threats-00.txt vs. MIPv6 - different strength verifications?
  - From: "marcelo bagnulo" <mbagnulo@ing.uc3m.es>

References:
- Re: multi6-threats-00.txt vs. MIPv6 - different strength verifications?
  - From: masataka ohta <mohta@necom830.hpcl.titech.ac.jp>

Prev by Date: Re: multi6-threats-00.txt vs. MIPv6 - different strength verifications?
Next by Date: Re: survivability, rewriting
Previous by thread: Re: multi6-threats-00.txt vs. MIPv6 - different strength verifications?
Next by thread: RE: multi6-threats-00.txt vs. MIPv6 - different strength verifications?
Index(es):
- Date
- Thread