[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Residual threats in draft-savola-v6ops-6to4-security-02.txt?

To: Erik Nordmark <Erik.Nordmark@sun.com>
Subject: Re: Residual threats in draft-savola-v6ops-6to4-security-02.txt?
From: Pekka Savola <pekkas@netcore.fi>
Date: Wed, 16 Jul 2003 20:16:37 +0300 (EEST)
Cc: v6ops@ops.ietf.org
In-reply-to: <Roam.SIMC.2.0.6.1058367163.16854.nordmark@bebop.france>

On Wed, 16 Jul 2003, Erik Nordmark wrote:
> Maybe it's just me but I can't clearly find the threats that remain
> once all the clarified and extended rules in section 5 and 6 have
> been applied.
> 
> Is this what the "fix" column in the table in 5.5.1 is trying to tell me?
> It would be useful to flesh that out a bit.

Thanks for the comment.

Fix refers only to the workarounds presented in section 5.

It is assumed that all the implementations already do about all the
suggested checks described in section 6 (in sect 5 there are basically
only more generic suggestions like applyting iTrace), which is a bit of a
stretch.

This should be stated somewhere, but I'll re-organize the document
slightly to make it easier to understand.

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

References:
- Residual threats in draft-savola-v6ops-6to4-security-02.txt?
  - From: Erik Nordmark <Erik.Nordmark@sun.com>

Prev by Date: Re: "IPv6 on by default" comment
Next by Date: Accept IPv6-on-by-Default Document as WG Draft?
Previous by thread: Residual threats in draft-savola-v6ops-6to4-security-02.txt?
Next by thread: RE: Residual threats in draft-savola-v6ops-6to4-security-02.txt?
Index(es):
- Date
- Thread