
RE: additional attack for multi6 threat draft?



Hi Spencer,

My interpretation of Masataka's comment is the following:

When you communicate with another host, you exchange packets with it, so
basically you are performing an RR check since you are able to actually
exchange packets. Is this what you meant, Masataka?

The problem in multi6 is that since we may need to change the locator during
the lifetime of an established association, we may still think that we are
communicating with the initial locator while in reality packets are being
diverted to a new alternative address. In this case, the implicit RR check
is being performed on the new locator and not on the initial locator that the
initiating entities think they are communicating with.

So IMHO RR is good to verify locators but not so good to verify identities.

Hope this makes some sense.

regards, marcelo

> -----Original Message-----
> From: owner-multi6@ops.ietf.org [mailto:owner-multi6@ops.ietf.org] On
> behalf of Spencer Dawkins
> Sent: Monday, 08 December 2003 13:27
> To: multi6@ops.ietf.org
> Subject: Re: additional attack for multi6 threat draft?
>
>
> OK, this is not a helpful response.
>
> If RR based verification really is a MUST, shouldn't that be written
> down somewhere (more authoritative than the multi6 mailing list),
> along with at least a basic explanation of why?
>
> Can anyone provide a pointer to such a requirement, preferably in an
> archival document that is at least BCP (and preferably
> standards-track)?
>
> FWIW, the biggest impediment for moving past "the IESG must review and
> approve all specifications" is the view that working groups don't
> understand requirements like this one. Having WG participants "guess
> why" isn't likely to help improve understanding.
>
> Spencer
>
> ----- Original Message -----
> From: "Masataka Ohta" <mohta@necom830.hpcl.titech.ac.jp>
> To: <mbagnulo@ing.uc3m.es>
> Cc: <multi6@ops.ietf.org>
> Sent: Monday, December 08, 2003 6:03 AM
> Subject: Re: additional attack for multi6 threat draft?
> > >>
> > >>On the Internet, RR based verification is MUST,
> > >
> > >
> > > Why?
> >
> > Why?
> >
> > Can you name some protocol that does not do this?
> >
> > If you can't, guess "why?".
>
>
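The point made above (an RR check verifies that something answers at a locator, not that it is the peer the association was set up with) as an added toy model; this is illustrative code, not part of the thread or of any multi6 proposal. It assumes a constructed routing table (locator -> host), an echoed nonce as the RR check, and an HMAC keyed with a session key that the two endpoints are assumed to share from association setup as the extra binding of a locator change to the association.

```python
import hashlib
import hmac
import os

class Peer:
    """A host: an identity plus, optionally, the key it shares with its correspondent."""
    def __init__(self, identity, session_key=None):
        self.identity = identity
        self.session_key = session_key  # established at association setup (assumed)

    def echo(self, nonce):
        return nonce  # any host that receives a packet can answer it

    def bind_locator(self, new_locator):
        """Proof that the association owner, not just a host at the locator, requested the change."""
        if self.session_key is None:
            return None
        return hmac.new(self.session_key, new_locator.encode(), hashlib.sha256).digest()

def rr_check(routes, locator):
    """Return routability: send a nonce to `locator` and require it echoed back.
    Passes for whoever receives at `locator`; it says nothing about who that is.
    `routes` is the constructed network: locator -> host currently receiving there."""
    nonce = os.urandom(16)
    host = routes.get(locator)
    return host is not None and host.echo(nonce) == nonce

def accept_locator_update(routes, session_key, new_locator, proof):
    """Accept a locator change only if RR passes AND the request is bound to the association."""
    if not rr_check(routes, new_locator):
        return False
    expected = hmac.new(session_key, new_locator.encode(), hashlib.sha256).digest()
    return proof is not None and hmac.compare_digest(expected, proof)

def scenario():
    key = os.urandom(32)  # key A shares with B for this association
    b = Peer("B", key)    # A's real correspondent
    x = Peer("X")         # another host: reachable, but not part of the association
    b_alt, x_addr = "2001:db8:2::1", "2001:db8:3::1"
    routes = {"2001:db8:1::1": b,  # B's initial locator
              b_alt: b,            # B's alternative locator (B rehomed)
              x_addr: x}           # address where X, not B, receives packets
    return {
        "rr_passes_for_b": rr_check(routes, b_alt),
        "rr_passes_for_x": rr_check(routes, x_addr),
        "update_to_b_accepted": accept_locator_update(routes, key, b_alt, b.bind_locator(b_alt)),
        "update_to_x_accepted": accept_locator_update(routes, key, x_addr, x.bind_locator(x_addr)),
    }
```

Both alternative locators pass the RR check; only the change that carries the association-bound proof is accepted, which is the locator/identity distinction the message draws.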