
RE: Residual threats in draft-savola-v6ops-6to4-security-02.txt?



In fact, the document could get some editing. We should adopt a structure "by threat", in which for each threat we describe the attack, note the existing mitigation, discuss whether other additional mitigations should be implemented, and conclude by the qualification of the residual threat.
 
We also need to agree on some qualification level. We discussed that on the list, but basically it is a matter of comparing the situation with 6to4 to the situation without. If the mitigations are sufficient to make the situation no worse with 6to4 than with the existing IPv4 Internet, then the threat should not be considered critical. This forces us to decide a question, what is the level we compare to. For example, a lot is said about address spoofing, but addresses can in practice be spoofed today...

 
________________________________

From: owner-v6ops@ops.ietf.org on behalf of Erik Nordmark
Sent: Wed 7/16/2003 7:52 AM
To: pekkas@netcore.fi
Cc: v6ops@ops.ietf.org
Subject: Residual threats in draft-savola-v6ops-6to4-security-02.txt?




Maybe it's just me but I can't clearly find the threats that remain
once all the clarified and extended rules in section 5 and 6 have
been applied.

Is this what the "fix" column in the table in 5.5.1 is trying to tell me?
It would be useful to flesh that out a bit.

  Erik