Brian E Carpenter wrote:
Jari Arkko wrote:
...
o Whether we actually want to define a secure approach to
proxies. Here I'd personally be OK even with no security
for proxying, as long as the above issues were corrected.
But you could also argue the other way; the IETF usually
does require mandatory-to-implement security mechanisms
to go with its protocols.
I'd be a bit concerned if I could, for example, walk into
my neighbour's apartment, hop to his wireless LAN, and
find myself getting proxy ND from a third neighbour I'd
never met, without some sort of AAA process. But for
an Experimental draft we can't really insist on a solution -
for me the question is whether the warnings are sufficient.
Brian
You don't even need to leave your apartment to do that. It's scary how
insecure people's wireless LAN setups are.
Danny
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
