RE: node-to-node security breach



Hi Pekka,

Thanks for the elaboration.

I will speak to the other authors about adding a disclaimer, as discussed,
about the mitigation scheme usage (or non-usage) in direct tunnelling solutions.


> > * If the protocol operates with host-to-server communication only,
> > then the mitigation scheme would work, and it wouldn't break
> > anything.
> 
> Sure, but if the protocol operates entirely in host-to-server (and 
> server-to-host), there is nothing to mitigate in the first place, as 
> the protocol implementation would automatically discard the bogus 
> proto-41 packets in the first place?
> 
> 

This is what it should do and thus one of the security aspects that
we are discussing, I believe.

Thanks,
Karen