mobike-3----Page:9
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
|
NATs and MOBIKE Related to 3rd party bombing issue if we want to have full protection against 3rd party bombings, we cannot work with NATs If we only want to use limited or partial protection then we can work through NATs If we allow full protection to be downgraded, then attacker might force the protection to be downgraded before starting the attack => we didn't have full protection at all. Does the limited or partial protection offer that much compared to the normal IKEv2 NAT-T? Should we upgrade the protection offered by IKEv2 NAT-T to partial/limited Implicit address update is not mandated in IKEv2, it is only SHOULD |