Re: Shared Locator Address Pool (SLAP) protocol proposal



Pekka,

PN> However, I am also worried about potential DoS and other
PN> security issues.  To me, it looks like a bad idea of allowing
PN> all of the upper layer protocols to add or remove addresses
PN> from SLAP.  Updating (soft) address state is probably fine,
PN> but both adding and deleting addresses is potentially dangerous.

Please elaborate on your concerns.

My assumption is that the apps each have at least the requisite, basic
"authentication of exchange continuity" that routing-based IP validation
provides.

So all I can guess is that the danger you fear is the general one of
having too many participants (applications and transport add/delete
mechanisms) and that any one of them can do a lot of damage.  That's why
I think it would be great to try to standardize a single control
protocol, but permit it to be used over a variety of mechanisms (layer
3.5, transport, and even apps.)


d/
--
 Dave Crocker <dcrocker-at-brandenburg-dot-com>
 Brandenburg InternetWorking <www.brandenburg.com>
 Sunnyvale, CA  USA <tel:+1.408.246.8253>