Re: secid review of draft-ietf-ipv6-deprecate-rh0-01

To: Jari Arkko <jari.arkko at piuha.net>
Subject: Re: secid review of draft-ietf-ipv6-deprecate-rh0-01
From: Joe Abley <jabley at ca.afilias.info>
Date: Tue, 2 Oct 2007 08:46:42 -0400
Cc: 6man-chairs at tools.ietf.org, 'IETF discussion list' <ietf at ietf.org>, secdir at mit.edu, tim.polk at nist.gov, gnn at neville-neil.com, 'Sam Hartman' <hartmans-ietf at mit.edu>, psavola at funet.fi
In-reply-to: <4700B9C6.6040202@piuha.net>
List-help: <mailto:ietf-request@ietf.org?subject=help>
List-id: IETF-Discussion <ietf.ietf.org>
List-post: <mailto:ietf@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
References: <02c601c7feef$b6460730$6702a8c0@china.huawei.com> <4700B9C6.6040202@piuha.net>


On 1-Oct-2007, at 0511, Jari Arkko wrote:

Hi David, and thanks for your review. Inline:
As such, the whole document is a security consideration. The vulnerability appears well-documented, and the guidelines for handling the deprecated RH0 are clear.
Good.

Just by-the-by, I noticed the first reports of peoples' "block-rh0" filters in live production networks taking hits yesterday. The notes I saw showed periods of low-volume, low-frequency packets with RH0, and also periods in which the traffic volume was noticeably higher.

The reports I saw featured source addresses in CERNET in China. It was not obvious whether those had been spoofed.

It is of course difficult go gauge the motivation for sending the packets when you're on the receiving end. However, I thought it noteworthy that such things had been seen, recently, in the wild.

Joe

_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf

References:
- secid review of draft-ietf-ipv6-deprecate-rh0-01
  - From: David Harrington
- Re: secid review of draft-ietf-ipv6-deprecate-rh0-01
  - From: Jari Arkko

Prev by Date: [no subject]
Next by Date: Re: IPv4 to IPv6 transition
Previous by thread: Re: secid review of draft-ietf-ipv6-deprecate-rh0-01
Next by thread: draft-ietf-ipfix-protocol-26.txt
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Re: secid review of draft-ietf-ipv6-deprecate-rh0-01

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.