Re: I-D ACTION:draft-huitema-multi6-addr-selection-00.txt

[marcelo bagnulo braun <marcelo@it.uc3m.es>]

Hi David,


El 20/10/2004, a las 16:21, David Gethings escribió:

> On Tuesday 19 October 2004 16:38, marcelo bagnulo braun wrote:
> > Comments are welcome
> Overall a good draft.

thanks

>  But I do have one concern. In section 5.2 you propose 3
> source address selection methods. The third suggests that a host try 
> with all
> possible source addresses simultaneously that are within scope.
>
> While this offers the advantage of providing best path selection - as 
> you
> point out in your draft - it could also provides a ready made DOS'ing
> mechanism. The DOS'er simply has to clear the SA cache and send a 
> packet,
> cira repeat.

I may not be understanding your point here...
The proposed mechanism is to be used for initiating communications, not 
when the host receives an incoming communication.
I mean, the DOSer doesn't have a mechanism to trigger the multiple 
packets, i think.

Am i missing your point?

Thanks, marcelo

> My apologies if this security consideration is already addressed in 
> another
> RFC/ID.
>
> Cheers
>
> Dg
------------------------------------------
Please note that my former email address
mbagnulo@ing.uc3m.es is no longer in use
Please send mail to:
marcelo at it dot uc3m dot es
------------------------------------------