Re: Evaluation: draft-ietf-mobileip-ipv6 - Mobility Support in IPv6 to Proposed Standard

["Steven M. Bellovin" <smb@research.att.com>]

In message <540320000.1046964395@askvoll.hjemme.alvestrand.no>, Harald Tveit Al
vestrand writes:
>
>
>--On torsdag, mars 06, 2003 00:17:34 -0500 "Steven M. Bellovin" 
><smb@research.att.com> wrote:
>
>> 9.5.1   If there's no IPsec-level replay protection, this sequence number
>>         just won't do the trick.  A wireless mobile node could very
>>         easily generate enough binding updates per day that an enemy
>>         could replay old ones that appeared to be in the window.
>
>32767 binding updates in a day?
>that's 22 moves per minute, or one every 3 seconds, sustained.
>
>
>
I didn't say "per day".  But what about 6 months of driving with a 
MobileIP-based PDA or cell phone?  That's one cell site every 6.5 
minutes, which is not unreasonable.

		--Steve Bellovin, http://www.research.att.com/~smb (me)
		http://www.wilyhacker.com (2nd edition of "Firewalls" book)