[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RRG] Initial comments on the LISP proposal




El 20/03/2007, a las 10:52, Templin, Fred L escribió:

Dino/Vince/Dave,

Some initial comments on the LISP proposal:

1) The ICMP reply that is triggered by the first packet(s) from the
   ITR to the ETR do not seem to contain any information that could
   help the ITR know that the reply is in fact coming from a
   legitimate on-path ETR. Perhaps add a message digest (MD5 or other)
   to the ICMP reply so that off-path attacker risks can be mitigated?


maybe you want to check

http://www.rfc-editor.org/cgi-bin/iddoctype.pl?letsgo=draft-bagnulo- lisp-threat-00

regards, marcelo


--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg