
Re: alias BOF



Jari Arkko had an individual draft on threats for ICMP and possible
solutions, but we couldn't find a home (we wanted to keep SEND's scope
limited in hopes of getting something useful done quickly). Perhaps he'd be
willing to revive it.

            jak

----- Original Message ----- 
From: "Bernard Aboba" <bernard_aboba@hotmail.com>
To: <floyd@icir.org>
Cc: <iab@ietf.org>; <iesg@ietf.org>
Sent: Sunday, July 20, 2003 9:17 AM
Subject: Re: alias BOF


> Warning: Post from an "implicated" person.
>
> For the last few weeks, I've been talking to Kevin Fall to try to get a
> handle around the security issues discussed in ALIAS, such as how to secure
> ICMP traffic between a router and a host.  Today we typically ignore ICMP
> traffic in situations that would be security critical -- such as an ICMP
> "port unreachable" message that would indicate to the IKE Initiator that the
> destination does not support IKE. I see this part of the work as an
> extension of SEND -- so that it is probably best not done in a Transport Area
> WG where the participants would probably lack the security and IPv6
> expertise to get it right. But this is a somewhat generic security issue.
>
> There is also the need for a thoughtful look at what is available from L2,
> and what we might be able to do with it (either on hosts or intermediaries).
> This is a survey document that I think would be valuable and maybe even
> educational.  Here the answers probably depend quite a bit on the scenario
> -- L2 jitter and retransmissions in 802.11 multipoint is unlikely to affect
> a TCP connection operating over the Internet (as opposed to a connection on
> a local LAN).  On the other hand, if you take measurements on the Bay Area
> Wireless Research Network (BARWN) point-to-point links across the Bay, you'd
> probably find some interesting behavior.  There's a fair amount of
> literature here, some practical experience and also maybe even some
> opportunity to discuss measurements, so I think it's worth doing.
>
> I agree with Sally that we probably already have enough info on PEPs so that
> we need not charter ALIAS to work on that.
>
> I'm quite comfortable with Kevin as a potential ALIAS WG chair, but think
> that a very tight charter will need to be written to essentially limit the
> WG to "studying" the problem and demonstrating an appropriate level of
> thoughtfulness and care before they can be granted the right to play with
> knives (solutions, such as protocol design).
>