[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 6to4 security questions

To: Pekka Savola <pekkas@netcore.fi>
Subject: Re: 6to4 security questions
From: Francis Dupont <Francis.Dupont@enst-bretagne.fr>
Date: Thu, 21 Nov 2002 02:53:58 +0100
Cc: Alain Durand <Alain.Durand@sun.com>, Erik Nordmark <Erik.Nordmark@sun.com>, Jason Goldschmidt <jgoldsch@eng.sun.com>, v6ops@ops.ietf.org
Delivery-date: Wed, 20 Nov 2002 17:54:15 -0800
Envelope-to: v6ops-data@psg.com
In-reply-to: Your message of Thu, 21 Nov 2002 00:41:55 +0200. <Pine.LNX.4.44.0211210036350.15127-100000@netcore.fi>
Sender: owner-v6ops@ops.ietf.org

 In your previous mail you wrote:

   > => this is the solution for the home address option similar issue
   > (the option is checked against the binding cache, i.e., is validated
   > only when two-way communication is used).

   The amount of harm one can do is similar, but the model seems otherwise a
   bit different.

   Mobile nodes _were able to_ (speaking about the old spec where unverified
   HAO was still ok) communicate without HAO's.  Your regular honest 6to4
   node can't as it's its only address; they have no care-of addresses for
   bootstrapping, regular/no-frills operation, etc.

=> I don't buy this argument: 6to4 is not the only transition technology.

Francis.Dupont@enst-bretagne.fr

Follow-Ups:
- Re: 6to4 security questions
  - From: Pekka Savola <pekkas@netcore.fi>

References:
- Re: 6to4 security questions
  - From: Pekka Savola <pekkas@netcore.fi>

Prev by Date: Re: (ngtrans) I-D ACTION:draft-ietf-ngtrans-mech-v2-01.txt
Next by Date: Re: (ngtrans) I-D ACTION:draft-ietf-ngtrans-mech-v2-01.txt
Previous by thread: Re: 6to4 security questions
Next by thread: Re: 6to4 security questions
Index(es):
- Date
- Thread