[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 6to4 security questions

To: Alain Durand <Alain.Durand@Sun.COM>
Subject: Re: 6to4 security questions
From: Pekka Savola <pekkas@netcore.fi>
Date: Wed, 20 Nov 2002 21:12:42 +0200 (EET)
Cc: Erik Nordmark <Erik.Nordmark@Sun.COM>, Jason Goldschmidt <jgoldsch@eng.sun.com>, <v6ops@ops.ietf.org>
Delivery-date: Wed, 20 Nov 2002 11:13:02 -0800
Envelope-to: v6ops-data@psg.com
In-reply-to: <3DDBDD07.7030903@sun.com>
Sender: owner-v6ops@ops.ietf.org

On Wed, 20 Nov 2002, Alain Durand wrote:
> 1- Revisit 6to4 architecture to have bi-directional communication
>     between the 6to4 router and the 6to4 relay. That way the decapsulating
>     6to4 router could apply some checks and make sure packets are comming
>     from a legitimate 6to4 relay.

I believe the "Limited Distribution of More Specific Routes" approach in
the draft could perhaps be able to solve these problems.

This would only be very minor modifications for the 6to4 routers/nodes, so
this might yet be doable.

There are some caveats though..

-- 
Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords

Follow-Ups:
- Re: 6to4 security questions
  - From: Brian E Carpenter <brian@hursley.ibm.com>

References:
- Re: 6to4 security questions
  - From: Alain Durand <Alain.Durand@Sun.COM>

Prev by Date: Re: 6to4 security questions
Next by Date: Re: 6to4 security questions
Previous by thread: Re: 6to4 security questions
Next by thread: Re: 6to4 security questions
Index(es):
- Date
- Thread