Hi, all!
We have revised the document (draft-bi-intarea-savi-wlan) in response to the feedback received at IETF119. The key updates are as follows: (1) The need for source address validation in WLANs and the reasons why existing solutions fail to address it are further elaborated in the Introduction. (2) Consideration has been given to the validation of IPv6 prefixes obtained by hosts through DHCPv6 allocation. (3) Modifications to the CAPWAP message format. (4) Added consideration of the impact of different random MAC address generation methods on SAVI-WLAN. Happy to take comments. Sincerely, Lin > -----Original Messages----- > From: internet-dra...@ietf.org > Send time:Friday, 06/07/2024 13:53:21 > To: "Jianping Wu" <jianp...@cernet.edu.cn>, "Lin He" > <he-...@tsinghua.edu.cn>, "Mingwei Xu" <x...@cernet.edu.cn>, "Tao Lin" > <lin...@h3c.com>, "You Wang" <wangyo...@mails.tsinghua.edu.cn> > Subject: New Version Notification for draft-bi-intarea-savi-wlan-03.txt > > A new version of Internet-Draft draft-bi-intarea-savi-wlan-03.txt has been > successfully submitted by Lin He and posted to the > IETF repository. > > Name: draft-bi-intarea-savi-wlan > Revision: 03 > Title: A SAVI Solution for WLAN > Date: 2024-06-06 > Group: Individual Submission > Pages: 19 > URL: https://www.ietf.org/archive/id/draft-bi-intarea-savi-wlan-03.txt > Status: https://datatracker.ietf.org/doc/draft-bi-intarea-savi-wlan/ > HTMLized: https://datatracker.ietf.org/doc/html/draft-bi-intarea-savi-wlan > Diff: > https://author-tools.ietf.org/iddiff?url2=draft-bi-intarea-savi-wlan-03 > > Abstract: > > This document describes a source address validation solution for > WLANs where 802.11i or other security mechanisms are enabled to > secure MAC addresses. This mechanism snoops NDP and DHCP packets to > bind IP addresses to MAC addresses, and relies on the security of MAC > addresses guaranteed by 802.11i or other mechanisms to filter IP > spoofing packets. It can work in the special situations described in > the charter of SAVI (Source Address Validation Improvements) > workgroup, such as multiple MAC addresses on one interface. This > document describes three different deployment scenarios, with > solutions for migration of binding entries when hosts move from one > access point to another. > > > > The IETF Secretariat > _______________________________________________ Int-area mailing list -- int-area@ietf.org To unsubscribe send an email to int-area-le...@ietf.org
