[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: 3gpp-analysis-04: Security considerations
Pekka,
Do you want to send text? Perhaps when you get back.
This comment is a bit too open.
Hesham
> -----Original Message-----
> From: Pekka Savola [mailto:pekkas@netcore.fi]
> Sent: Thursday, July 24, 2003 11:20 PM
> To: v6ops@ops.ietf.org
> Subject: 3gpp-analysis-04: Security considerations
>
>
> Hi,
>
> The security consideration section of the 3GPP analysis
> document is still
> very weak; in principle, they only cover three points
> related to NAT-PT
> and/or DNSSEC. A more thorough analysis is required.
>
> In addition to NAT-PT/DNSSEC issues (I'm not sure if the
> three points are
> a conclusive list, though), the security properties of different
> transition scenarios and mechanisms should be briefly described.
>
> The exact contents depends a lot on which mechanisms we seem to get
> rough consensus on.
>
> =====
> 5. Security Considerations
>
>
> 1. NAT-PT DNS ALG problems are described in [NATPT-DNS] and
> [v4v6trans].
>
>
> 2. The 3GPP specifications do not currently define the usage
> of DNS Security. They neither disallow the usage
> of DNSSEC,
> nor do they mandate it.
>
>
> 3. NAT-PT breaks DNSSEC.
> --
> Pekka Savola "You each name yourselves king, yet the
> Netcore Oy kingdom bleeds."
> Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
>
>
>