[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: security requirement for multi6



Tony;

Even more importantly, we shouldn't create new ones.

What do you mean "ones"?


It is not a problem to create new form of DoS in an existing
situation such as that there is temporal MITM.

Otherwise, we can't develop new protocols.

For example, with MITM assumed, cryptographic security, which is
computationaly expensive, protection agaist which was cookie, which
is ineffective against MITM, amplifies DoS effect, especially with
public key one.

However, we should be careful if we are creating a new situation
to enable DoS, we should be careful.

But, it does not mean that we can't use cryptographic security.

This is an operations group:

That is, we are talking about situations.


An advanced fact on security is that DoS by MITM can not be prevented.

Masataka Ohta