On 15/10/2019 16:07, Ludwig Seitz wrote:
78.) Section 6.1I think we should have a little bit more discussion about what attacks are possible even when a client hard-codes a list of trustworthy ASes, e.g., when a device in one AS's purview is compromised and tries to get the client to use a different (possibly also compromised, or maybe just buggy) AS than the one that's supposed to be responsible for the device in question. In short, yes, spoofing is only possible within that set of trusted ASes, but spoofing can still cause problems.[LS] I have added some text in section 6.FIXME Please have a look if this covers what you were aiming at.
A little typo snuck in here. "6.FIXME" should be "6.4" /Ludwig -- Ludwig Seitz, PhD Security Lab, RISE Phone +46(0)70-349 92 51
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace
