[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: 6to4 security questions
In your previous mail you wrote:
There are in my opinion 4 ways forward:
1- Revisit 6to4 architecture to have bi-directional communication
between the 6to4 router and the 6to4 relay. That way the decapsulating
6to4 router could apply some checks and make sure packets are comming
from a legitimate 6to4 relay.
=> this is the solution for the home address option similar issue
(the option is checked against the binding cache, i.e., is validated
only when two-way communication is used).