El 20/03/2007, a las 10:52, Templin, Fred L escribió:
Dino/Vince/Dave, Some initial comments on the LISP proposal: 1) The ICMP reply that is triggered by the first packet(s) from the ITR to the ETR do not seem to contain any information that could help the ITR know that the reply is in fact coming from a legitimate on-path ETR. Perhaps add a message digest (MD5 or other) to the ICMP reply so that off-path attacker risks can be mitigated?
maybe you want to checkhttp://www.rfc-editor.org/cgi-bin/iddoctype.pl?letsgo=draft-bagnulo- lisp-threat-00
regards, marcelo -- to unsubscribe send a message to rrg-request@psg.com with the word 'unsubscribe' in a single line as the message text body. archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg