[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: draft-ietf-idmr-igmp-mrdisc-10.txt

To: iesg-secretary@ietf.org
Subject: RE: draft-ietf-idmr-igmp-mrdisc-10.txt
From: "Wijnen, Bert (Bert)" <bwijnen@lucent.com>
Date: Thu, 3 Apr 2003 14:44:49 +0200
Cc: iesg@ietf.org

                     Yes    No-Objection  Discuss *  Abstain  
Bert Wijnen         [   ]     [ x ]       [   ]      [   ] 

During the call/telchat I'd say: no further objection.
I am amazed that Randy needs to take the DISCUSS for the
security considerations sections while both Security ADs
have a No-Ob (albeit with comments).

Thanks,
Bert 

> -----Original Message-----
> From: Randy Bush [mailto:randy@psg.com]
> Sent: donderdag 3 april 2003 8:37
> To: iesg-secretary@ietf.org
> Cc: iesg@ietf.org
> Subject: draft-ietf-idmr-igmp-mrdisc-10.txt
> 
> 
>                     Yes    No-Objection  Discuss *  Abstain  
> Randy Bush          [   ]     [   ]       [ x ]      [   ] 
>     
> i am not impressed by
> 
>    The following are justifications for inventing another router 
>    discovery protocol: 
>  
>            Ą Using ICMP router discovery is not an 
> appropriate solution 
>               for multicast router discovery because: 1.) It 
> may confuse 
>               hosts listening to ICMP router advertisements; 
> unicast and 
>               multicast topologies may not be congruent.  2.) 
> There is 
>               no way to tell from an ICMP router advertisement if a 
>               router is running a multicast routing protocol.
> 
> but an icmp-based protocol could work
>     
>            Ą By making multicast router discovery messages 
> extensible, 
>               future enhancements can be made.
> 
> completely bogus
>     
>            Ą By inventing a generic IP layer message, 
> multiple types of 
>               messages per link layer are not needed (i.e. including 
>               this functionality as part of IP is better than 
> inventing 
>               N discovery protocols for N layer-2 technologies). 
> 
> agree, but a new icmp could do it
> 
> what could be said is that, because this discovery mechanism 
> uses multicast,
> discovery problems will be congruent with payload problems, 
> which is cool.
> 
> but the following is just way to bogus, and is worth a discuss
> 
> 9. Security Considerations 
>     
>    The Multicast Router Advertisement message may allow rogue 
> machines 
>    to masquerade as multicast routers.  This could allow 
> those machines 
>    to eavesdrop on multicast data transmission or create a denial of 
>    service attack on multicast flows.  However, these new 
> messages are 
>    extensible and that allows for the introduction of security 
>    associations into the protocol.  These security extensions 
> could be 
>    used to authenticate or encrypt the messages. 
>

Follow-Ups:
- RE: draft-ietf-idmr-igmp-mrdisc-10.txt
  - From: Randy Bush <randy@psg.com>
- Re: draft-ietf-idmr-igmp-mrdisc-10.txt
  - From: "Steven M. Bellovin" <smb@research.att.com>

Prev by Date: RE: Evaluation: draft-ietf-mobileip-reg-revok - Registration Revocation in Mobile IPv4 to Proposed Standard
Next by Date: RE: Evaluation: draft-ietf-idmr-igmp-mrdisc - Multicast Router Discovery to Proposed Standard
Previous by thread: RE: Evaluation: draft-dasilva-l2tp-relaysvc - L2TP Active Discovery Relay for PPPoE to Proposed Standard
Next by thread: Re: draft-ietf-idmr-igmp-mrdisc-10.txt
Index(es):
- Date
- Thread