
shim proxy (was Re: failure detection)




On 20/08/2005, at 19:02, Paul Jakma wrote:

Yes, as a subset of shim6. Ie, using an 8+8 static mapping for the local ULID(s), and using whatever shim6 control messages are needed to map the remote ULID to the correct remote locator(s). It would be assumed that the ULIDs are composed of a prefix and a host ID, obviously. The mapping would only change the prefix.


I think it would be very useful to allow such a mapping, and hence allow split/proxy shim6.

i agree it would be useful but i am still not sure how you deal with security stuff in this case...

There are no security implications to static mapping. It never changes.

the problem is that there is no way to prove the binding between the identifier and their locator sets... i.e. any prefix could be used with any identifier and it would be ok, so any rewriting would be ok, hence the potential attacks...


Perhaps you could try to evaluate how such a solution would cope with the threats described in the threat analysis...

as i said, i consider this proxy capability to be really interesting, but i am afraid you are underestimating the security issues here.

regards, marcelo


No more than there are security implications to a non-shim6 host forwarding packets according to a static routing table of destination->nexthop.

regards,
--
Paul Jakma	paul@clubi.ie	paul@jakma.org	Key ID: 64A2FF6A
Fortune:
Those who can, do; those who can't, write.
Those who can't write work for the Bell Labs Record.