On 14/06/2011 02:23, Fernando Gont wrote:
This is something that vendors should answer. As long as there are implementations that may try DHCPv6 even if no RA is received, DHCPv6 should be implemented/deployed along RA-Guard, or else attackers will switch to teh DHCPv6 vector, and RA-Guard will be circumvented this way.
probably vendors aren't going to do much about dhcp6-guard unless there is a standard to work towards. I'd offer to help out, but my dhcpv6-fu is not really up to it.
Nick -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
