Re: [secdir]Comments on draft-ietf-shim6-hba-01

[marcelo bagnulo braun <marcelo@it.uc3m.es>]

Hi Steven,

El 10/05/2006, a las 4:44, Steven Blake escribió:

> On Tue, 2006-05-09 at 17:12 -0700, Erik Nordmark wrote:
>
> > That type of leap-of-faith has a problem with address ownership (and
> > isn't very secure as you state). The ownership problem is as follows:
> >   - Alice arrives on the IETF terminal room. Is assigned IPv6 address
> > IP1. Alice communicates with www.example.com and conveys her secret.
> > www.example.com binds that secret to her current IP address. This 
> > means
> > that Alice can move and signal www.example.com her new IP address 
> > using
> > this secret.
> >
> >   - Alice leaves the IETF terminal room, her DHCP lease expires, but 
> > she
> > continues to communicate with www.example.com (which maintains the
> > secret they setup)
> >
> >   - Bob arrives in the IETF termincal room. The DHCP server gives him
> > the IP address IP1. Bob tries to communicate with www.example.com. One
>
> With 62 bits of usable IID, this is a problem that is trivially easy to
> avoid.

may agree with that, but Erik example was about a "casual" situation 
where Bob is not actually trying to attack Alice, it just happens to 
get the same address than her.

However, you may think of other situations where the attacker finds out 
the address of both communicating peers and activelly tries to interfer 
with the ongoing communication using such vulnerabilities....

regards, marcelo


> Regards,
>
> // Steve