At the suggestion of one of the RRG Chairs, kindly let me reiterate
the explanations on this topic, with specific reference to the slides
presented at RRG in Stockholm today.
Looking specifically at Slide 22:
1) Off-path Attacks
Ordinary IPv6 without IPsec has broad vulnerability to on-path attacks,
as noted in Slide 22, round bullet 2, triangle sub-bullet 2, first
dash sub-sub-bullet.
This means that to provide equivalent security ILNP without IPsec
only needs to protect against off-path attacks.
ILNP includes a Nonce to protect traffic from off-path attacks,
as described in Slide 22, 2nd round bullet (and its subsidiary
items).
This means that ILNP without IPsec has the same security properties
as IPv6 without IPsec. This is also described in draft-rja-ilnp-nonce-*
and in the other draft-rja-ilnp-* drafts -- in more detail than fits
on 1 slide in a ~30 minute overview talk. This is also described
in the 2nd circular bullet on Slide 22.
2) On-path Attacks
For ordinary IPv6, the only solution to on-path attacks is to use
IPsec (most obviously AH, but some forms of ESP could also suffice).
For ILNP, the existing solution of IPsec continues to work fine, and
actually works *better* because IPsec for ILNP works even if Locator
Translation ("NAT") is deployed along the path -- without requiring
any special UDP encapsulation for "IPsec NAT Traversal". This is
described in the first round bullet of Slide 22 (and its subsidiary
items on that same slide).
Yours,
Ran
_______________________________________________
rrg mailing list
[email protected]
http://www.irtf.org/mailman/listinfo/rrg
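As an added illustration of the threat model argued in the message above (this is example code, not code from the post, the slides, or the draft-rja-ilnp-* drafts): a simplified Python model of an ILNP receiver that, without IPsec, accepts a peer's locator change only when the packet carries the session nonce. The packet layout, the 4-byte nonce size, the single shared per-session nonce, and the names used here are assumptions for the model and do not reproduce the actual ILNP nonce option format. The model shows the two cases the message distinguishes: an off-path attacker who never saw the nonce must guess it and is dropped, while an on-path attacker who observed the session's packets knows the nonce and succeeds, which is exactly the case the message says IPsec, not the nonce, must cover.

```python
"""Simplified model of the ILNP Nonce check in a session without IPsec.

Example code, not the ILNP specification: packet fields, nonce size and
session handling are assumptions made for the illustration.
"""
import secrets

NONCE_BYTES = 4  # assumed nonce size for this model only


def new_nonce():
    """Fresh unguessable per-session nonce (assumed to be chosen at session start)."""
    return secrets.token_bytes(NONCE_BYTES)


class IlnpReceiver:
    """Tracks, per peer identifier, the expected nonce and the peer's current locator."""

    def __init__(self):
        self.sessions = {}  # peer identifier -> {"nonce": bytes, "locator": str}

    def open_session(self, peer_id, peer_locator, nonce):
        self.sessions[peer_id] = {"nonce": nonce, "locator": peer_locator}

    def handle_packet(self, pkt):
        """Accept the packet, and any locator change it carries, only if its nonce matches.

        pkt is a dict: {"src_id": str, "src_locator": str, "nonce": bytes, "payload": bytes}
        Returns True if accepted, False if dropped.
        """
        sess = self.sessions.get(pkt["src_id"])
        if sess is None:
            return False  # unknown identifier: no session, drop
        if not secrets.compare_digest(sess["nonce"], pkt["nonce"]):
            return False  # wrong nonce: drop, locator stays unchanged
        if pkt["src_locator"] != sess["locator"]:
            sess["locator"] = pkt["src_locator"]  # locator update accepted
        return True

    def locator_of(self, peer_id):
        return self.sessions[peer_id]["locator"]


def forge_packet(src_id, new_locator, nonce):
    """Packet an attacker injects to redirect src_id's session to new_locator."""
    return {"src_id": src_id, "src_locator": new_locator, "nonce": nonce, "payload": b""}


def simulate(session_nonce, off_path_guess):
    """Run both attacker cases against one session.

    Returns a dict with the outcome of each injection attempt and the locator
    the receiver holds after each one.
    """
    receiver = IlnpReceiver()
    receiver.open_session("host-A", "loc-1", session_nonce)  # constructed session

    # Off-path attacker: knows host-A's identifier but never saw the nonce, so it guesses.
    off_path_ok = receiver.handle_packet(forge_packet("host-A", "loc-EVIL", off_path_guess))
    locator_after_off_path = receiver.locator_of("host-A")

    # On-path attacker: observed the session's packets, so it knows the nonce.
    on_path_ok = receiver.handle_packet(forge_packet("host-A", "loc-EVIL", session_nonce))
    locator_after_on_path = receiver.locator_of("host-A")

    return {
        "off_path_accepted": off_path_ok,
        "locator_after_off_path": locator_after_off_path,
        "on_path_accepted": on_path_ok,
        "locator_after_on_path": locator_after_on_path,
    }


if __name__ == "__main__":
    nonce = new_nonce()
    # A blind guess that differs from the real nonce in its last byte (constructed).
    wrong_guess = nonce[:-1] + bytes([nonce[-1] ^ 0x01])
    print(simulate(nonce, wrong_guess))
```

In this model a blind guess at a random NONCE_BYTES-byte nonce succeeds with probability 2^-(8*NONCE_BYTES) per injected packet, which is the off-path protection the message refers to; an attacker who can read the session's packets is not stopped by the nonce at all, which is why the message points to IPsec for the on-path case.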