Mohacsi Janos wrote:
On Thu, 5 Aug 2004, Kurt Erik Lindqvist wrote:
On 2004-08-05, at 02.06, Tony Hain wrote:
The IETF will never resolve the tension between the network
administrator
and the system administrator. That is a local CIO function in each
organization. It is reasonable for the security
On Thu, 5 Aug 2004, Kurt Erik Lindqvist wrote:
On 2004-08-05, at 02.06, Tony Hain wrote:
The IETF will never resolve the tension between the network
administrator
and the system administrator. That is a local CIO function in each
organization. It is reasonable for the security considerations sectio
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 2004-08-05, at 02.06, Tony Hain wrote:
> The IETF will never resolve the tension between the network
> administrator
> and the system administrator. That is a local CIO function in each
> organization. It is reasonable for the security considerat
Kurt Erik Lindqvist wrote:
> ...
> > That being said, the draft makes a good point: the privacy protections
> > are mostly effective when the network is large, or when the prefix
> > changes. The current RFC 3041 is adequate in large networks, but does
> > not take prefix changes in considerations.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Christian,
On 2004-08-02, at 00.31, Christian Huitema wrote:
>>But I assume that also would need consensus on the draft..:-)
>>
>> => of course (but I did never get objections :-).
>
> For the record, I do not agree with the conclusions
> => I agree but there is still no new work on the RFC3041bis...
The proper place for these considerations is indeed the security
consideration section of RFC3041bis.
>But I assume that also would need consensus on the draft..:-)
>
> => of course (but I did never get objections :-).
For t
In your previous mail you wrote:
Some comments :
site-local?
=> oops, I should have removed it some months ago (:-).
> 3. "In-Prefix" Source Addresses Spoofing
>
> Distributed Denial of Services (DDoS) attacks are a variant of
> Denial of Service attacks where the a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Some comments :
> 1. Introduction
[...]
> Interface identifiers are used in the stateless address
> autoconfiguration [4] to create link-local addresses (in all cases)
> and to create global and site-local addresses (for hosts from
> prefi