Re: 6to4 security questions
On Wed, 20 Nov 2002, Brian E Carpenter wrote:
> > On Wed, 20 Nov 2002, Alain Durand wrote:
> > > 1- Revisit 6to4 architecture to have bi-directional communication
> > > between the 6to4 router and the 6to4 relay. That way the decapsulating
> > > 6to4 router could apply some checks and make sure packets are coming
> > > from a legitimate 6to4 relay.
> >
> > I believe the "Limited Distribution of More Specific Routes" approach in
> > the draft could perhaps be able to solve these problems.
> >
> > This would only be very minor modifications for the 6to4 routers/nodes, so
> > this might yet be doable.
> >
> > There are some caveats though..
>
> Nevertheless I do prefer this approach, or to be more precise,
> I'd like to be able to answer the question "should I trust
> this relay router?"
Yep.
Some relays would never be able to be part of this "more specific
2002::/16 routes mesh": then you can pick the policy; either discard the
packet (if coming from a relay not part of the mesh) or accept it (should
be trusted).
--
Pekka Savola
Netcore Oy
Systems. Networks. Security.

"Tell me of difficulties surmounted,
not those you stumble over and fall"
-- Robert Jordan: A Crown of Swords
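The relay-trust policy discussed in this thread, as an added example that is not part of the original post: a decapsulating 6to4 router keeps a set of relays known from the "more specific 2002::/16 routes mesh" and either discards or accepts tunnelled packets whose outer IPv4 source is not in that set. It also goes one step further than the thread's text and, for inner sources inside 2002::/16 (direct 6to4-to-6to4 traffic rather than relayed native IPv6), requires the IPv4 address embedded in the inner source to match the outer IPv4 source. The relay address and packet fields are constructed sample values.

```python
import ipaddress

SIX_TO_FOUR = ipaddress.IPv6Network("2002::/16")

# Constructed example: a relay learned via the "more specific routes mesh".
TRUSTED_RELAYS = {ipaddress.IPv4Address("192.0.2.1")}


def embedded_ipv4(addr: ipaddress.IPv6Address) -> ipaddress.IPv4Address:
    """A 6to4 address is 2002:V4ADDR::/48; the IPv4 address is bytes 2..5."""
    return ipaddress.IPv4Address(addr.packed[2:6])


def policy_for_6to4_packet(outer_src_v4: str, inner_src_v6: str,
                           trusted_relays=TRUSTED_RELAYS,
                           accept_unknown_relays: bool = False) -> str:
    """Decide 'accept' or 'discard' for a decapsulated 6to4 packet.

    outer_src_v4: IPv4 source of the encapsulating (protocol 41) packet.
    inner_src_v6: IPv6 source of the packet carried inside it.
    accept_unknown_relays selects between the two policies named in the
    thread: discard packets from relays outside the mesh, or accept them.
    """
    outer = ipaddress.IPv4Address(outer_src_v4)
    inner = ipaddress.IPv6Address(inner_src_v6)

    if inner in SIX_TO_FOUR:
        # Direct 6to4 traffic: the sender must be the 6to4 router whose
        # IPv4 address is embedded in the inner source, not some relay.
        return "accept" if embedded_ipv4(inner) == outer else "discard"

    # Native IPv6 source: the packet must have come through a relay.
    if outer in trusted_relays:
        return "accept"
    return "accept" if accept_unknown_relays else "discard"


if __name__ == "__main__":
    # Constructed packets: one via the trusted relay, one via an unknown one.
    print(policy_for_6to4_packet("192.0.2.1", "2001:db8::1"))     # accept
    print(policy_for_6to4_packet("198.51.100.7", "2001:db8::1"))  # discard
```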