IETF Logo Mail Archive

Re: REMINDER: 6man w.g. last call for <draft-ietf-6man-maxra-01>

Suresh Krishnan <suresh.krishnan@ericsson.com> Fri, 06 January 2017 04:11 UTC

Return-Path: <suresh.krishnan@ericsson.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F0C8A129886 for <ipv6@ietfa.amsl.com>; Thu, 5 Jan 2017 20:11:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.202
X-Spam-Level:
X-Spam-Status: No, score=-4.202 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3uhOxhmUTU4h for <ipv6@ietfa.amsl.com>; Thu, 5 Jan 2017 20:11:06 -0800 (PST)
Received: from usplmg20.ericsson.net (usplmg20.ericsson.net [198.24.6.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EA46512987B for <ipv6@ietf.org>; Thu, 5 Jan 2017 20:11:05 -0800 (PST)
X-AuditID: c618062d-e8e5698000007359-ea-586f1f16545e
Received: from EUSAAHC008.ericsson.se (Unknown_Domain [147.117.188.96]) by (Symantec Mail Security) with SMTP id B6.05.29529.61F1F685; Fri, 6 Jan 2017 05:37:42 +0100 (CET)
Received: from EUSAAMB107.ericsson.se ([147.117.188.124]) by EUSAAHC008.ericsson.se ([147.117.188.96]) with mapi id 14.03.0319.002; Thu, 5 Jan 2017 23:11:01 -0500
From: Suresh Krishnan <suresh.krishnan@ericsson.com>
To: Tim Chown <Tim.Chown@jisc.ac.uk>, Bob Hinden <bob.hinden@gmail.com>
Subject: Re: REMINDER: 6man w.g. last call for <draft-ietf-6man-maxra-01>
Thread-Topic: REMINDER: 6man w.g. last call for <draft-ietf-6man-maxra-01>
Thread-Index: AQHSW50X2LnjnTgUGkSWKZE0Ax0x4g==
Date: Fri, 06 Jan 2017 04:11:01 +0000
Message-ID: <E87B771635882B4BA20096B589152EF6440E00CD@eusaamb107.ericsson.se>
References: <F21F59C0-6DBD-42A4-B2C3-64E270CCFD76@gmail.com> <D25B7F1D-6925-48FE-B4CA-E8834480A496@gmail.com> <3B76B8CC-8F1F-4FF0-ADAB-656B1819B453@jisc.ac.uk>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [147.117.188.11]
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrDLMWRmVeSWpSXmKPExsUyuXRPgq6YfH6Ewe3zchZb3+9js3h59j2T Rd/Px2wOzB47Z91l91iy5CeTx8rfV9gCmKO4bFJSczLLUov07RK4Mg49f8tacIytYnb3e8YG xkWsXYwcHBICJhI3Xwp0MXJxCAmsZ5RoWbqbFcJZxihxZeNPIIeTgw2oaMPOz0wgtoiAu8S0 K7+ZQJqZBWQlrk2KBAkLC3hK/F+5gxWixEti2uHPULaexNdVs9lBbBYBFYlvqy8ygti8Ar4S F5beYQGxhQQWM0os7osDsRkFxCS+n1oDtopZQFzi1pP5YLaEgIDEkj3nmSFsUYmXj/+xQthK Eh9/z2eHqDeQeH9uPjOErS2xbOFrZohdghInZz5hmcAoMgvJ2FlIWmYhaZmFpGUBI8sqRo7S 4oKc3HQjg02MwDg4JsGmu4Px/nTPQ4wCHIxKPLwF8XkRQqyJZcWVuYcYJTiYlUR49UXyI4R4 UxIrq1KL8uOLSnNSiw8xSnOwKInzxq2+Hy4kkJ5YkpqdmlqQWgSTZeLglGpgVC8/c7JX3z10 O+svsXtnCi30rjOee391pfmrmfPZSg69/jTbhvHTB9lrb5uqBE9KLJd971X/t/1grNiNLK7n 61cs3D+5Izbk2eusiYe/vYg6XnG1KHOnuATnyvcHk4sfuPWV+Dy4EX75seqGhczb4m0t85KM mQXYLTIT9tyw+vZYfUH+iqUXupVYijMSDbWYi4oTAQJY+Xx/AgAA
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/Ox52gH8Rp1gDPv3NxU5ARrqBj4o>
Cc: IPv6 List <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Jan 2017 04:11:07 -0000

Hi Tim,

On 01/05/2017 06:54 AM, Tim Chown wrote:
> Hi,
>
> Just a brief comment on the Security Considerations.
>
> This draft could mention RFC6105; currently it only says that rogue RAs can “easily” be prevented through use of SeND, but in practice RA Guard approaches are the common mitigation.  I’m also not sure the “attack window” changes; there is either a rogue RA or there isn’t, regardless of the true RA interval.

Adding a reference to RA guard sounds like a good idea. Will do. The attack 
window is larger because the damage from the rogue RA can persist longer 
before getting overridden by a legitimate RA. I don't have strong feelings 
about keeping the "attack window" wording though.

Thanks
Suresh

v2.23.0 | Report a Bug | By Email