[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Transport multihoming
> > Given the known common presence of man-in-the-middle attacks,
> > I don't see that RR actually buys anything in the way
> > of trust or assurance that one is talking with the party
> > one thinks one is talking with.
> Right. It just prevents someone from "stealing" addresses with
> MIPv6 BUs from an arbitrary location in the Internet, and limits
> the viable attack locations to those on the path.
IMHO nothing can be do against man-in-the-middle attack but a PKI to
authenticate the other peer. I agree with Pekka that RR is just a
mechanism to limit attacks without the need of crypto.
> I *think* (but haven't analyzed in detail) that it would work in the same
> way with end-host multi-homing based on secondary addresses.
I fully agree.
> And we must not forget the danger of and the prevention of flooding,
> either. Thus, for example, SCTP should use some sort of RR when
> falling to secondary addresses. I don't know if it currently does.
I think SCTP sends probes periodically to inactive addresses in order to
measure RTT to choose the best alternative path if primary one fails. It
can be seen as a continuous RR check.