[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 6to4 security questions

To: Pekka Savola <pekkas@netcore.fi>
Subject: Re: 6to4 security questions
From: Brian E Carpenter <brian@hursley.ibm.com>
Date: Fri, 22 Nov 2002 02:18:00 +0100
Cc: v6ops@ops.ietf.org
Delivery-date: Thu, 21 Nov 2002 17:19:46 -0800
Envelope-to: v6ops-data@psg.com
Organization: IBM
References: <Pine.LNX.4.44.0211220230270.28077-100000@netcore.fi>
Sender: owner-v6ops@ops.ietf.org

Pekka Savola wrote:
> 
> On Fri, 22 Nov 2002, Brian E Carpenter wrote:
> > There are spoofing/DDOS risks in the host-based anycast 6to4 model
> > that has been implemented but never fully specified.
> 
> Do not classify this as "host-based".  There is nothing particularly
> host-based in this.

Yes there is, because hosts don't generally support BGP4+

> 
> And you said you're not aware of anything in the spec that'd need
> modification. Right..

My original preference was to *only* specify the BGP4+ model
for 6to4. I was talked out of it. 

   Brian

Follow-Ups:
- Re: 6to4 security questions
  - From: Pekka Savola <pekkas@netcore.fi>

References:
- Re: 6to4 security questions
  - From: Pekka Savola <pekkas@netcore.fi>

Prev by Date: Re: 6to4 deployement issues - was 6to4 security questions
Next by Date: Re: 6to4 security questions
Previous by thread: Re: 6to4 security questions
Next by thread: Re: 6to4 security questions
Index(es):
- Date
- Thread