[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Evaluation: draft-ietf-vrrp-spec-v2-09

To: iesg@ietf.org
Subject: Evaluation: draft-ietf-vrrp-spec-v2-09
From: Russ Housley <housley@vigilsec.com>
Date: Wed, 29 Oct 2003 09:28:18 -0500

draft-ietf-vrrp-spec-v2-09.txt
Virtual Router Redundancy Protocol (Draft Standard)

Russ Housley [ ] [ ] [ X ] [ ]

Section 10, the security considerations, clearly indicates that incorrectly configured or hostile routers can become VRRP masters. This statement proves the need for an authentication mechanism However, previously supported authentication is being removed. I believe that the section should be expanded to state what harm a malicious router can cause if it becomes the VRRP master.

Follow-Ups:
- Re: Evaluation: draft-ietf-vrrp-spec-v2-09
  - From: "Steven M. Bellovin" <smb@research.att.com>

Prev by Date: Web agenda out of sync
Next by Date: Comment: draft-ietf-sigtran-signalling-over-sctp-applic-09
Previous by thread: Web agenda out of sync
Next by thread: Re: Evaluation: draft-ietf-vrrp-spec-v2-09
Index(es):
- Date
- Thread