Hi Fred,
El 04/06/2007, a las 14:29, Fred Baker escribió:
On Jun 1, 2007, at 11:42 AM, marcelo bagnulo braun wrote:
we have proposed a BOF on SeND and CGA extensions for the Chicago
IETF. I attach the proposed charter below. There is a mailing list
created for the discussion
(https://www1.ietf.org/mailman/listinfo/cga-ext)
The SAVA BOF is bringing up another issue, that of source address
validation. In theory, using SAA one could open a new address for each
TCP session on a web client; more realistically, someone concerned
enough to do such things would probably change their address once a
minute and use the address for all TCP sessions started in that minute
even if they lapped into a subsequent one. But if the first hop router
is going to verify that the MAC Address and the IPv6 source address
are those of the same machine, SeND or something like it is going to
have to be used to notify the router of the changing mapping (else it
is just an attack vector), or the router is going to put a stop to it
pretty quickly.
It would be nice to verify that we can handle this with SeND, and make
whatever adjustments are required.
thanks for the feedback
do you think there are some features that SeND should support to deal
with this type of cases independently of the actual SAVA solution
adopted or do you think that the the changes required to SeND heavily
depend on the actual final SAVA solution? I mean, if it is the first
case, it would be interesting to work on this at this stage, but if it
is the second option probably we should wait till the SAVA solution is
more defined?
Regards, marcelo
_______________________________________________
Int-area mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/int-area
