Re: [secdir] secdir review of draft-ietf-hip-mm-04.txt

To: Sam Hartman <hartmans-ietf at mit.edu>
Subject: Re: [secdir] secdir review of draft-ietf-hip-mm-04.txt
From: Christian Vogt <chvogt at tm.uka.de>
Date: Wed, 31 Jan 2007 09:25:50 +0100
Cc: Thomas Henderson <thomas.r.henderson at boeing.com>, ietf at ietf.org, secdir at MIT.EDU, Gonzalo Camarillo <gonzalo.camarillo at ericsson.com>, David Ward <dward at cisco.com>, Jeffrey Hutzelman <jhutz at cmu.edu>
In-reply-to: <tsl4pq8rrtl.fsf@cz.mit.edu>
List-help: <mailto:ietf-request@ietf.org?subject=help>
List-id: IETF-Discussion <ietf.ietf.org>
List-post: <mailto:ietf@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
References: <59CFE75751C930AF7890FB24@sirius.fac.cs.cmu.edu> <45BF9FB7.9060202@tm.uka.de> <tsl4pq8rrtl.fsf@cz.mit.edu>
User-agent: Mozilla/5.0 (X11; U; Linux i686; de; rv:1.8.0.9) Gecko/20060911 SUSE/1.5.0.9-0.1 Thunderbird/1.5.0.9 Mnenhy/0.7.4.0

Ah, very good!  Thanks for the pointer, Sam.

- Christian

-- 
Christian Vogt, Institute of Telematics, Universitaet Karlsruhe (TH)
www.tm.uka.de/~chvogt/pubkey/



Sam Hartman wrote:
>>>>>> "Christian" == Christian Vogt <chvogt at tm.uka.de> writes:
>     Christian> unamplified flooding would also be possible for the
>     Christian> attacker without HIP because the attacker could send
>     Christian> flooding packets with an IPv6 Routing header, directing
>     Christian> the packets to the correspondent node first, and from
>     Christian> there to the victim.  To prevent this attack, the
>     Christian> firewall would have to look into the flooding packets'
>     Christian> extension headers since the IPv6 header would
>     Christian> (legitimately) include the correspondent node's IP
>     Christian> address.
> 
> 
> Take a look at the v6ops IPV6 security overvew document.  It
> recommends dropping most routing headers to avoid this sort of attack.
> 

_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf

References:
- secdir review of draft-ietf-hip-mm-04.txt
  - From: Jeffrey Hutzelman
- Re: secdir review of draft-ietf-hip-mm-04.txt
  - From: Christian Vogt
- Re: [secdir] secdir review of draft-ietf-hip-mm-04.txt
  - From: Sam Hartman

Prev by Date: Re: ion-procdocs open for public comment
Next by Date: Referencing BCPs [Re: ion-procdocs open for public comment]
Previous by thread: Re: [secdir] secdir review of draft-ietf-hip-mm-04.txt
Next by thread: Re: secdir review of draft-ietf-hip-mm-04.txt
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Re: [secdir] secdir review of draft-ietf-hip-mm-04.txt

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.