[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [secdir]Comments on draft-ietf-shim6-hba-01



On Tue, 2006-05-09 at 17:12 -0700, Erik Nordmark wrote:

> That type of leap-of-faith has a problem with address ownership (and
> isn't very secure as you state). The ownership problem is as follows:
>   - Alice arrives on the IETF terminal room. Is assigned IPv6 address
> IP1. Alice communicates with www.example.com and conveys her secret.
> www.example.com binds that secret to her current IP address. This means 
> that Alice can move and signal www.example.com her new IP address using 
> this secret.
> 
>   - Alice leaves the IETF terminal room, her DHCP lease expires, but she 
> continues to communicate with www.example.com (which maintains the 
> secret they setup)
> 
>   - Bob arrives in the IETF termincal room. The DHCP server gives him 
> the IP address IP1. Bob tries to communicate with www.example.com. One 

With 62 bits of usable IID, this is a problem that is trivially easy to
avoid.


Regards,

// Steve