Re: Roman Danyliw's No Objection on draft-ietf-6man-grand-05: (with COMMENT)

Jen Linkova <> Wed, 30 June 2021 08:00 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id B9A0C3A11F8; Wed, 30 Jun 2021 01:00:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.848
X-Spam-Status: No, score=-1.848 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id jKb9utuxIQpT; Wed, 30 Jun 2021 01:00:16 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::834]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 19FD93A11F6; Wed, 30 Jun 2021 01:00:16 -0700 (PDT)
Received: by with SMTP id y9so847067qtx.9; Wed, 30 Jun 2021 01:00:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=hm3fHaGI3JsniecvN55H3RvvXqK5F/C3DAfv2K7GGo4=; b=fC5SZx6EfDHDTb45AbzVswOuibFmtqu68nw5in5Bog3dN9B/yjYFQkV6f5+PLetxUj zHJSHevo2TZ4Zsn4lAUOcm49h8i5tWruiKoMLfMZRXQ7EOTmJ7tDR18Z8qmwkfhGFeCm gWotuJNFRzyWbHv0NQKi0Q3tGtSC5ur6iHXprOca0WwpBjsy31ITHC0tklQEDji/GTHX 3MW5NlqBel/EU6Y05LNGwJhqP6+kPgnTuHWTPnmYmI4L1vGLqguwv7GPGajgER9SKomh unU6UViaaaJ7SXE41FEed8b1UCyifoJEfpfbnhq2WA7QtwIb5eBITFeA+xGiGlo0yp5V QGWg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=hm3fHaGI3JsniecvN55H3RvvXqK5F/C3DAfv2K7GGo4=; b=GjX8PMH76Lr8YQXsp/joVc8n5fDUi1x0A0zJ/hNVbiyb4pE9/j4U0gmxeazb3KEQa2 m3v04ICrlMRrzlfUALDFSLPN28WxNxgz3edQW+w5H06qlYmqC7s64+IiSwnkJYdl9FhW VPJSr1JCajVB5MjotE70/n9bTiFqW7UEBrFE2FgufwAxTVkT0e+r7frpbTiqBOc/b3ds kNZlKn0pIPGganlMjnTanyUDYW39h8DWVa3dVMxGxZnaRagmCMzG5H32FyX6OQ5GUtHE LLg2GvmzY1q4KTFe8n36nyWW3oPtlhNdmgj3q3quRPilnxw8mvccm+58NNpk3R7qFfuO F+LA==
X-Gm-Message-State: AOAM530MxBubjmLXrVryM0Z/x/3P414YaTtx+FNnar7rvTdHiqjhZDeK dVsan3nZ8ltF0ibxeF1oXXW06PzrqKmmSdidbZw=
X-Google-Smtp-Source: ABdhPJxbblKvMwvw/O+3KHhAATJUvLB+D9GW3sL9xjQF3CtgC/yzVhQH+UzcTTPCo25yLj7BAc6Lkjjymbp/FtYheuc=
X-Received: by 2002:a05:622a:1389:: with SMTP id o9mr1297108qtk.52.1625040013509; Wed, 30 Jun 2021 01:00:13 -0700 (PDT)
MIME-Version: 1.0
References: <>
In-Reply-To: <>
From: Jen Linkova <>
Date: Wed, 30 Jun 2021 18:00:02 +1000
Message-ID: <>
Subject: Re: Roman Danyliw's No Objection on draft-ietf-6man-grand-05: (with COMMENT)
To: Roman Danyliw <>
Cc: The IESG <>, Bob Hinden <>,, 6man <>, 6man Chairs <>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <>
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 30 Jun 2021 08:00:21 -0000

Hi Roman,

On Wed, Jun 30, 2021 at 6:45 AM Roman Danyliw via Datatracker
<> wrote:
> ** Section 5.3.  Does the outcome of any of the documented scenarios change if
> the host has DAD turned off (per Section 5.3.1, Step #4 and Section 5.3.2, Step
> #5)

I've added the following text to the end of the section 5;
"The analysis assumes that the host performs Duplicate Address
Detection, as section 5.4 of [RFC4862] requires that DAD MUST be
performed on all unicast addresses prior to assigning them to an

> ** Section 10.  It would be useful to reiterate with a back reference the
> unlikely, but possible condition where the duplicated address temporarily gets
> the traffic from the rightful owner (noted in Section 5.3.2).

I've added the following text, please let me know if it doesn't
address your concern:

"Section 5 describes some corner cases when a host with the duplicated
Optimistic address might get some packets intended for the rightful
owner of the address. However such scenarios do not introduce any new
attack vectors: even without the proposed changes, an attacker can
easily override the routers neighbor cache and redirect the traffic by
sending NAs with the Solicited flag set."

SY, Jen Linkova aka Furry