Hi Frank, some comments below... Frank Xia escribió:
Hi Christian I was not in the against list of FCFS, however, I did express my concerns of the solution. The main idea is trying to build asource address validation rule using the first data packet. IMHO, this solution is vulnerable.It seems to be hard to deal with the following scenarios: 1)A host is authorized to use a static address, while the host does not connect the network
right, we need to think how to deal with this caseone obvious option is that since the address is manually configured in the host, it can also be manually included in the SAVI cache, so it knows that has been manually assigned I understand that some people actually manually configure MAC- IP address associations to perform this type of checks
2)A IPv6 host periodically changes it's interface ID from privacy consideration.
not sure why this is a problem, could you expand?
3)In dynamic address configuration, an IP address can be reused by other hosts.
this is no problem, the current draft actually deals with this Regards, marcelo
BR Frank----- Original Message ----- From: "Christian Vogt" <christian.vogt at ericsson.com>To: "SAVI Mailing List" <savi at ietf.org> Sent: Wednesday, December 17, 2008 11:14 PM Subject: [savi] Working Group Adoption of Individual SAVI DocumentsDear all - At the previous SAVI meeting in Minneapolis, we did a vote regarding which individual documents to use as starting points for the SAVI working group deliverables. I would now like to confirm this decision from Minneapolis here on the mailing list. The result of the vote in Minneapolis was thus: - To adopt draft-mcpherson-savi-threat-scope as a starting point for the Threats Analysis (Problem Statement) document: 7 in favour, 0 against. - To adopt draft-vogt-savi-rationale as a starting point for the Rationale document: 7 in favour, 0 against. - To adopt draft-bagnulo-savi-fcfs as a starting point for both the IPv4 and IPv6 Solution documents: 11 in favour, 2 against. - To adopt draft-bagnulo-savi-send as a starting point for the SeND-based IPv6 Solution document: 8 in favour, 1 against. Arguments raised by those voting against the adoption of one of the individual documents above related to potential security vulnerabilities or potential issues with mobile hosts. Both arguments would need to be addressed as the working group deliverables are being advanced. Please express on this mailing list whether or not you agree with the above documents being adopted by the SAVI working group as starting points for the various working group deliverables. Please also state the reasons in case you are against one of the documents being adopted. - Christian _______________________________________________ savi mailing list savi at ietf.org https://www.ietf.org/mailman/listinfo/savi_______________________________________________ savi mailing list savi at ietf.org https://www.ietf.org/mailman/listinfo/savi
Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.