Re: New Version Notification for draft-baker-ipv6-nd-session-hijack-00

To: Erik Nordmark <erik.nordmark at sun.com>
Subject: Re: New Version Notification for draft-baker-ipv6-nd-session-hijack-00
From: Fred Baker <fred at cisco.com>
Date: Wed, 29 Jul 2009 06:55:05 +0200
Authentication-results: ams-dkim-2; header.From=fred at cisco.com; dkim=pass ( sig from cisco.com/amsdkim2001 verified; );
Cc: IETF IPv6 Mailing List <ipv6 at ietf.org>
Delivered-to: ipv6 at core3.amsl.com
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; l=1008; t=1248843308; x=1249707308; c=relaxed/simple; s=amsdkim2001; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=fred at cisco.com; z=From:=20Fred=20Baker=20<fred at cisco.com> |Subject:=20Re=3A=20New=20Version=20Notification=20for=09dr aft-baker-ipv6-nd-session-hijack-00 |Sender:=20; bh=BaBhnwChCrB25PYl7nTyuf9l0vXSD1sdQt7AZxBsOnQ=; b=uGN8x7xFKrFLFVRMfwkwUFT//j+KwAvRhyJVBFm4WT6gAnGzqf5NwJ0Fi4 fNdl/6Pb+QLFme3uRPsGYFwPjIOnlHfjfa/rDgoGWZO0dHJy1/c36jRSOy7y 2qjt8PgT7S;
In-reply-to: <4A6EE6C8.3020000 at sun.com>
List-archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-help: <mailto:ipv6-request@ietf.org?subject=help>
List-id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-post: <mailto:ipv6@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
References: <20090728091838.086683A6DA1 at core3.amsl.com> <BCE5B48C-35EA-4DD9-B39F-F54BED98AFE8 at cisco.com> <4A6EE6C8.3020000 at sun.com>

Maybe you can tell me otherwise, but while the neighbor would not beable to prove ownership, in an FCFS SAVI environment it seems likelythat it could gain control of the address, the first guy havingrelinquished it.

I looked through RFC 3756, and it seemed to me that this was anadditional case. Again willing to be told I'm wrong.


On Jul 28, 2009, at 1:53 PM, Erik Nordmark wrote:

Fred Baker wrote:
Filename:     draft-baker-ipv6-nd-session-hijack
Revision:     00
Title:         Session Hijack in Neighbor Discovery
Creation_date:     2009-07-28
WG ID:         Independent Submission
Number_of_pages: 5

Abstract:
This memo is to point out a security issue in IPv6 Neighbor
Discovery.
This is a subset of the issues specified in RFC 3756 'IPv6 NeighborDiscovery (ND) Trust Models and Threats'.
Your draft says that this is an issue with SeND. Can you clarify howthis can happen with SeND?
  Erik

References:
- Fwd: New Version Notification for draft-baker-ipv6-nd-session-hijack-00
  - From: Fred Baker
- Re: Fwd: New Version Notification for draft-baker-ipv6-nd-session-hijack-00
  - From: Erik Nordmark

Prev by Date: Re: Node Requirements: Issue 14 - Privacy Extensions
Next by Date: Re: Comments on IPv6 Prefix Subdelegation
Previous by thread: Re: Fwd: New Version Notification for draft-baker-ipv6-nd-session-hijack-00
Index(es):
- Date
- Thread

Re: New Version Notification for draft-baker-ipv6-nd-session-hijack-00

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.