[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 6to4 security questions



On Wed, 20 Nov 2002, Alain Durand wrote:
> 1- Revisit 6to4 architecture to have bi-directional communication
>     between the 6to4 router and the 6to4 relay. That way the decapsulating
>     6to4 router could apply some checks and make sure packets are comming
>     from a legitimate 6to4 relay.

I believe the "Limited Distribution of More Specific Routes" approach in
the draft could perhaps be able to solve these problems.

This would only be very minor modifications for the 6to4 routers/nodes, so
this might yet be doable.

There are some caveats though..

-- 
Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords