Re: [secdir] secdir review of draft-ietf-hip-mm-04.txt

To: Christian Vogt <chvogt at tm.uka.de>
Subject: Re: [secdir] secdir review of draft-ietf-hip-mm-04.txt
From: Sam Hartman <hartmans-ietf at mit.edu>
Date: Tue, 30 Jan 2007 18:57:26 -0500
Cc: Thomas Henderson <thomas.r.henderson at boeing.com>, ietf at ietf.org, secdir at MIT.EDU, Gonzalo Camarillo <gonzalo.camarillo at ericsson.com>, David Ward <dward at cisco.com>, Jeffrey Hutzelman <jhutz at cmu.edu>
In-reply-to: <45BF9FB7.9060202@tm.uka.de> (Christian Vogt's message of "Tue, 30 Jan 2007 20:42:47 +0100")
List-help: <mailto:ietf-request@ietf.org?subject=help>
List-id: IETF-Discussion <ietf.ietf.org>
List-post: <mailto:ietf@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
References: <59CFE75751C930AF7890FB24@sirius.fac.cs.cmu.edu> <45BF9FB7.9060202@tm.uka.de>
User-agent: Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (gnu/linux)

>>>>> "Christian" == Christian Vogt <chvogt at tm.uka.de> writes:
    Christian> unamplified flooding would also be possible for the
    Christian> attacker without HIP because the attacker could send
    Christian> flooding packets with an IPv6 Routing header, directing
    Christian> the packets to the correspondent node first, and from
    Christian> there to the victim.  To prevent this attack, the
    Christian> firewall would have to look into the flooding packets'
    Christian> extension headers since the IPv6 header would
    Christian> (legitimately) include the correspondent node's IP
    Christian> address.


Take a look at the v6ops IPV6 security overvew document.  It
recommends dropping most routing headers to avoid this sort of attack.


_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf

Follow-Ups:
- Re: [secdir] secdir review of draft-ietf-hip-mm-04.txt
  - From: Christian Vogt

References:
- secdir review of draft-ietf-hip-mm-04.txt
  - From: Jeffrey Hutzelman
- Re: secdir review of draft-ietf-hip-mm-04.txt
  - From: Christian Vogt

Prev by Date: Re: secdir review of draft-ietf-hip-mm-04.txt
Next by Date: Re: ion-procdocs open for public comment
Previous by thread: Re: secdir review of draft-ietf-hip-mm-04.txt
Next by thread: Re: [secdir] secdir review of draft-ietf-hip-mm-04.txt
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Re: [secdir] secdir review of draft-ietf-hip-mm-04.txt

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.