[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-ietf-v6ops-addr-select-ps-01.txt and draft-ietf-v6ops-addr-select-req-02.txt WGLC

To: Fred Baker <fred@cisco.com>
Subject: Re: draft-ietf-v6ops-addr-select-ps-01.txt and draft-ietf-v6ops-addr-select-req-02.txt WGLC
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Date: Fri, 22 Jun 2007 14:28:18 +0200
Cc: v6ops WG <v6ops@ops.ietf.org>, Kurt Lindqvist <kurtis@kurtis.pp.se>, Ron Bonica <rbonica@juniper.net>
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=eb7/bKrEj7xKXlZGTNbUwjCyZa7dwfR1NlOya9mEjveKqu9SCNnT/Z2QQ7UpzjTHZPBlJeFlxswy8yPYZ53HacNQEVX7ITEyooxtzZGwS1CIbY1jGkKuA+UPgEvm92jzFISthJrLnKCh0LaFbIDFOteSaL5SzzE8aEcPRA6jIXs=
In-reply-to: <17A3AC1D-2C75-4CB5-B393-431E01D74FF5@cisco.com>
References: <17A3AC1D-2C75-4CB5-B393-431E01D74FF5@cisco.com>
User-agent: Thunderbird 1.5.0.12 (Windows/20070509)

I think this is useful work. I have no substantive comments
on draft-ietf-v6ops-addr-select-ps. I have a couple of
concerns with draft-ietf-v6ops-addr-select-req-02:

> 2.8.  Next-hop Selection
>
>    The mechanism can control next-hop-selection behavior at hosts or
>    cooperate with other routing mechanisms, such as routing protocols
>    and RFC 4191 [RFC4191].  If the address-selection mechanism is used
>    with a routing mechanism, the two mechanisms has to be able to work
>    synchronousely.

Do we really want to mix these two issues? Wouldn't a better design
be to say that RFC 4191 *is* the solution to control next-hop selection
and choice of source address? Then the constraint here is only to allow
simultaneous usage with 4191.

> 3.  Security Considerations
>
>    Incorrect address-selection can lead to serious security problems,
>    such as session hijack.  However, we should note that address-
>    selection is ultimately decided by nodes and their users.  There are
>    no means to enforce a specific address-selection behavior upon every
>    end-host from outside of the host.  Therefore, a network
>    administrator has to take countermeasures for unexpected address
>    selection.

As a threat analysis, this seems a bit weak. Should we say after the
first sentence that this threat requires address-selection messages
to be authenticated?

What does the last sentence mean? Does it mean that ingress
filtering needs to be implemented at the first-hop router?

    Brian

Follow-Ups:
- Re: draft-ietf-v6ops-addr-select-ps-01.txt and draft-ietf-v6ops-addr-select-req-02.txt WGLC
  - From: Arifumi Matsumoto <arifumi@nttv6.net>

References:
- draft-ietf-v6ops-addr-select-ps-01.txt and draft-ietf-v6ops-addr-select-req-02.txt WGLC
  - From: Fred Baker <fred@cisco.com>

Prev by Date: I-D ACTION:draft-ietf-v6ops-addcon-04.txt
Next by Date: Re: draft-ietf-v6ops-addr-select-ps-01.txt and draft-ietf-v6ops-addr-select-req-02.txt WGLC
Previous by thread: draft-ietf-v6ops-addr-select-ps-01.txt and draft-ietf-v6ops-addr-select-req-02.txt WGLC
Next by thread: Re: draft-ietf-v6ops-addr-select-ps-01.txt and draft-ietf-v6ops-addr-select-req-02.txt WGLC
Index(es):
- Date
- Thread