Re: security requirement for multi6

[Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>]

Brian;

> Whether a threat is new or old really doesn't matter.
>
> Our objective is to have a complete threat analysis that we can use
> to evaluate the security of proposed solutions.

If you use "complete" that way, the threat list MUST be proposal
specific.

For example, if I propose a protocol which clones TCP and name it
MOCP, there will be a new threat of MOCP SYN attack, in addition
to TCP SYN attack.

This is not a productive way to do things, though.

Erik is trying to be more productive stating in the abstract that:

  The intent is to look at how IPv6 multihoming solutions might make
  the Internet less secure than the current Internet, without studying
  any proposed solution but instead looking at threats that are
  inherent in the problem itself.

Just as SYN attack is inherent to not TCP but having state on the
initial paket of a 3-way handshake, redirection by MITM is inherent
to not M6 problem but MITM.

							Masataka Ohta