[Top] [All Lists]

Re: [BK PATCH] [IPV6] Merge Specification Conformity Improvements

To: pekkas@xxxxxxxxxx
Subject: Re: [BK PATCH] [IPV6] Merge Specification Conformity Improvements
From: YOSHIFUJI Hideaki / 吉藤英明 <yoshfuji@xxxxxxxxxxxxxx>
Date: Tue, 14 Sep 2004 00:01:58 +0900 (JST)
Cc: davem@xxxxxxxxxxxxx, netdev@xxxxxxxxxxx, vnuorval@xxxxxxxxxx, yoshfuji@xxxxxxxxxxxxxx
In-reply-to: <Pine.LNX.4.44.0409131725250.22572-100000@xxxxxxxxxx>
Organization: USAGI Project
References: <20040913.231732.94153456.yoshfuji@xxxxxxxxxxxxxx> <Pine.LNX.4.44.0409131725250.22572-100000@xxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
In article <Pine.LNX.4.44.0409131725250.22572-100000@xxxxxxxxxx> (at Mon, 13 
Sep 2004 17:29:20 +0300 (EEST)), Pekka Savola <pekkas@xxxxxxxxxx> says:

> However, if someone would be forging redirects, the comment would no 
> longer hold.
> I don't know the implications in this case: whether the code needs to 
> have different assumptions wrt. source of redirects, or whether this 
> is just a wording issue in the comment above.

I think we're protected (at least) as the standards says.
 - off-link attacks
 - redirect from non-router for the destination

I'm not sure if we have other things we can do against this issue.

I think other on-link issues (including "forging" issues) 
will be solved by SEND (SEcuring Neighbor Discovery).


<Prev in Thread] Current Thread [Next in Thread>