On Fri, 8 Apr 2005, Fernando Gont wrote:

I think the ICMPv6 draft should add some words to raise awareness about ICMP-based attacks that can be performed against transport protocols.

Any text suggestions -- just to have an idea how verbose and explicit you're looking at; did you refer to the proposed text below, or something more extensive?


For example, the current draft suggests IPsec, or no checks at all on the received ICMP error messages.

As pointed out by Pekka:

By the way, one additional ICMP attack that could possibly be included in 5.2:

   6. As the ICMP messages are passed to the upper-layer processes, it
      is possible to perform attacks on the upper layer protocols
      (e.g., TCP) with ICMP [TCP-attack].  Protecting the upper layer
      with IPsec mitigates this problem, though the upper layers may
      also perform some form of validation of ICMPs on their own.

Where [TCP-attack] is an informative reference to draft-gont-tcpm-icmp-attacks-03.txt.

Yes, something like this should be added. I thought it already was there, but apparently not...


Another issue that may be worth considering is suggesting that the so-called "hard errors" should not necessarily be considered "hard". While there's no RFC 1122 for IPv6 (and thus you might say there's no such thing as "hard errors" and "soft errors" in v6), I think everyone will extrapolate RFC 1122's statements on soft and hard errors to the ICMPv6 specification.

Even if I may agree with this sentiment, IMHO it seems to go too much on the side of the transport protocols, and doesn't seem to be appropriate in this document. The above already provides a pointer.


--
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
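The proposed text above says the upper layer "may also perform some form of validation of ICMPs on their own". The sketch below, added here as an illustration and not part of the thread or of any IETF draft, shows what such a check looks like for TCP over IPv6: the host parses an ICMPv6 error, recovers the four-tuple and sequence number from the embedded TCP segment, and only honours the error if it matches a known connection and the sequence number falls inside the send window (SND.UNA <= SEG.SEQ < SND.NXT), the sequence-number check that draft-gont-tcpm-icmp-attacks describes. Hard errors that pass the check on an ESTABLISHED connection are demoted to soft errors, matching the point made about "hard errors" in the thread. The connection table, addresses, ports and the packet itself are constructed sample data; extension headers between the embedded IPv6 header and TCP are not handled (assumption: none present).

```python
import struct
import ipaddress
from dataclasses import dataclass

ICMPV6_DEST_UNREACH = 1      # RFC 4443 Destination Unreachable
ICMPV6_PACKET_TOO_BIG = 2    # RFC 4443 Packet Too Big
NEXT_HEADER_TCP = 6
HARD_ERROR_TYPES = {ICMPV6_DEST_UNREACH}   # errors RFC 1122 style logic would abort on


@dataclass
class TcpConn:
    """Minimal TCB: endpoints, state and the send window edges (constructed sample)."""
    local_addr: str
    local_port: int
    remote_addr: str
    remote_port: int
    state: str
    snd_una: int   # oldest unacknowledged sequence number
    snd_nxt: int   # next sequence number to be sent


@dataclass
class IcmpError:
    icmp_type: int
    code: int
    src: str       # source of the embedded (invoking) packet, i.e. our address
    dst: str       # destination of the embedded packet, i.e. the peer
    sport: int
    dport: int
    seq: int


def seq_in_window(seq: int, una: int, nxt: int) -> bool:
    """True iff SND.UNA <= seq < SND.NXT, using modulo-2^32 arithmetic."""
    return (seq - una) % (1 << 32) < (nxt - una) % (1 << 32)


def parse_icmpv6_error(pkt: bytes) -> IcmpError:
    """Parse an ICMPv6 error: 8-byte ICMPv6 header, embedded IPv6 header, TCP header start."""
    if len(pkt) < 8 + 40 + 8:
        raise ValueError("ICMPv6 error too short to carry an IPv6 header and TCP ports/seq")
    icmp_type, code = pkt[0], pkt[1]
    inner = pkt[8:]
    next_hdr = inner[6]
    if next_hdr != NEXT_HEADER_TCP:
        raise ValueError("embedded packet is not TCP (extension headers not handled here)")
    src = str(ipaddress.IPv6Address(inner[8:24]))
    dst = str(ipaddress.IPv6Address(inner[24:40]))
    sport, dport, seq = struct.unpack("!HHI", inner[40:48])
    return IcmpError(icmp_type, code, src, dst, sport, dport, seq)


def validate_icmp_error(err: IcmpError, conns: list) -> tuple:
    """Return (decision, reason). Only a matching connection with an in-window seq is acted on."""
    for c in conns:
        if (c.local_addr, c.local_port, c.remote_addr, c.remote_port) == \
           (err.src, err.sport, err.dst, err.dport):
            break
    else:
        return ("discard", "no matching connection for embedded four-tuple")
    if not seq_in_window(err.seq, c.snd_una, c.snd_nxt):
        return ("discard", "embedded sequence number outside send window")
    if err.icmp_type in HARD_ERROR_TYPES and c.state == "ESTABLISHED":
        # Do not abort an established connection on an unauthenticated message.
        return ("soft", "hard error on ESTABLISHED connection treated as soft error")
    return ("accept", "error passes four-tuple and sequence-number checks")


def build_icmpv6_error(icmp_type: int, code: int, src: str, dst: str,
                       sport: int, dport: int, seq: int) -> bytes:
    """Construct a sample ICMPv6 error (checksum left as 0; sample data only)."""
    icmp_hdr = struct.pack("!BBHI", icmp_type, code, 0, 0)
    ip6_hdr = (struct.pack("!IHBB", 0x60000000, 20, NEXT_HEADER_TCP, 64)
               + ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed)
    tcp_hdr = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, 0x10, 65535, 0, 0)
    return icmp_hdr + ip6_hdr + tcp_hdr


# Constructed connection table: one established connection to a web server.
CONNS = [TcpConn("2001:db8::1", 40000, "2001:db8::2", 80, "ESTABLISHED",
                 snd_una=1000, snd_nxt=1500)]


def check_sample(seq: int, sport: int = 40000) -> tuple:
    """Run a constructed Port Unreachable (code 4) for our connection through validation."""
    pkt = build_icmpv6_error(ICMPV6_DEST_UNREACH, 4, "2001:db8::1", "2001:db8::2",
                             sport, 80, seq)
    return validate_icmp_error(parse_icmpv6_error(pkt), CONNS)


if __name__ == "__main__":
    for seq, sport in ((1200, 40000), (5000, 40000), (1200, 40001)):
        print(seq, sport, check_sample(seq, sport))
```

The window check is what makes blind attacks expensive: an off-path sender who does not know the connection's current sequence numbers has to guess a value inside a window of a few hundred to a few thousand bytes out of 2^32, and a host that has no data in flight (SND.UNA == SND.NXT) accepts nothing at all.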