[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I-D ACTION:draft-savola-v6ops-6to4-security-02.txt

To: IPv6 Operations <v6ops@ops.ietf.org>
Subject: Re: I-D ACTION:draft-savola-v6ops-6to4-security-02.txt
From: Brian E Carpenter <brian@hursley.ibm.com>
Date: Sun, 04 May 2003 10:25:39 +0200
Organization: IBM
References: <200301091422.JAA10679@ietf.org>

I'm wondering what we should do with this draft.

It seems to me to be basically correct (i.e. it says that
there are specific spoofing and DoS attacks using 6to4 that
are harder to trace than "standard" spoofing and DoS attacks).

It is more explicit about the checks to be applied than the base
6to4 specification, but those checks cannot eliminate the attacks.

The document might also assist intrusion-detection implementors
in detecting these attacks.

So I think it should probably be published as an Info RFC, and
if/when we revise the basic 6to4 spec, Pekka's document would
be a source for improving the security section.

   Brian

Follow-Ups:
- Re: I-D ACTION:draft-savola-v6ops-6to4-security-02.txt
  - From: Pekka Savola <pekkas@netcore.fi>

Prev by Date: Re: I-D ACTION:draft-baker-ipv6-renumber-procedure-00.txt
Next by Date: RE: I-D ACTION:draft-savola-v6ops-6to4-security-02.txt
Previous by thread: Re: I-D ACTION:draft-baker-ipv6-renumber-procedure-00.txt
Next by thread: Re: I-D ACTION:draft-savola-v6ops-6to4-security-02.txt
Index(es):
- Date
- Thread