Re: [MEXT] re-direction attack on MCoA

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Wed, 06 February 2008 13:26 UTC

Date: Wed, 06 Feb 2008 14:28:06 +0100
Message-ID: <7892795E1A87F04CADFCCF41FADD00FC0526C76F@xmb-ams-337.emea.cisco.com>
In-Reply-To: <4C47BAA9-BA58-45F7-BDCF-2C050118BACE@it.uc3m.es>
From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: marcelo bagnulo braun <marcelo@it.uc3m.es>
Cc: Julien Laganier <julien.laganier@laposte.net>, mext@ietf.org
Subject: Re: [MEXT] re-direction attack on MCoA
List-Id: Mobile IPv6 EXTensions WG <mext.ietf.org>

Hi Marcelo:

I think there should be a separate draft for the RR check to the CoA. The problem is everywhere and not specific to MCoA, just like it's not specific to DSMIP. 

The trouble is that the draft in question has never been started. I'll be happy to give away the text from RRH for that noble purpose ;)

Pascal
 

>-----Original Message-----
>From: marcelo bagnulo braun [mailto:marcelo@it.uc3m.es] 
>Sent: Wednesday 30 January 2008 17:46
>To: Pascal Thubert (pthubert)
>Cc: Wassim Haddad; Benjamin Lim; Julien Laganier; mext@ietf.org
>Subject: Re: [MEXT] re-direction attack on MCoA
>
>Pascal,
>
>The question at this point is the following one: do you think 
>that this threat should be addressed in the MCoA draft itself?
>
>comments?
>
>Regards, marcelo
>
>
>On 30/01/2008, at 10:09, Pascal Thubert (pthubert) wrote:
>
>> I agree with Wassim on both mails.
>>
>> There's also the situation where the MN/MR might be fooled by the 
>> visited network into believing that the CoA (or its prefix if a 
>> network is attacked as opposed to a host) is on the visited link. 
>> DSMIP is also exposed, in particular with IPv4 CoAs.
>>
>> There are many scenarios that do not involve high mobility where a 3- 
>> way or a 4-way handshake could be used to verify the CoA. We have 
>> proposed such a test in section 6 of the RRH draft that uses a 
>> triggered 2nd BU flow to verify the CoA in the first one:
>> http://tools.ietf.org/html/draft-thubert-nemo-reverse-routing-header-07#section-6
>>
>>
>> Pascal
>>
>>
>>> -----Original Message-----
>>> From: Wassim Haddad [mailto:whaddad@tcs.hut.fi]
>>> Sent: Wednesday 30 January 2008 09:32
>>> To: Benjamin Lim
>>> Cc: 'Julien Laganier'; mext@ietf.org
>>> Subject: RE: [MEXT] re-direction attack on MCoA
>>>
>>> On Wed, 30 Jan 2008, Benjamin Lim wrote:
>>>
>>>> All in all, what I am trying to say is that tracing only limits the 
>>>> effect of the attack from escalating further and not preventing it.
>>>
>>> => which (again) also perfectly applies to a single CoA.
>>>
>>>
>>> Regards,
>>>
>>> Wassim H.
>>>
>>>
>>> _______________________________________________
>>> MEXT mailing list
>>> MEXT@ietf.org
>>> https://www1.ietf.org/mailman/listinfo/mext
>>>
>>
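As an added illustration of the CoA check discussed in this thread (a home agent that answers a Binding Update with a challenge sent only to the claimed care-of address, and installs the binding only when a triggered second BU proves that challenge was received), here is a small Python model. It is example code, not text from the RRH draft or any MEXT document; the class names, the MN-HA shared key, the HMAC shape of the proof and the `links` map standing in for the visited network topology are all assumptions made for the example.

```python
import hmac, hashlib, secrets

def proof(key, challenge, hoa, coa):
    # Second BU carries an HMAC under the MN-HA key over the challenge and both addresses
    return hmac.new(key, challenge + f"{hoa}|{coa}".encode(), hashlib.sha256).digest()

class HomeAgent:
    def __init__(self, keys):
        self.keys = keys        # hoa -> shared key from the MN-HA security association (assumed)
        self.links = {}         # coa -> node actually reachable at that address (constructed topology)
        self.pending = {}       # (hoa, coa) -> outstanding challenge
        self.bindings = {}      # hoa -> verified coa

    def first_bu(self, hoa, coa):
        """BU #1 claims a CoA; the HA answers with a challenge sent to the CoA only."""
        challenge = secrets.token_bytes(16)
        self.pending[(hoa, coa)] = challenge
        node = self.links.get(coa)
        if node is not None:
            node.on_challenge(hoa, coa, challenge)   # whoever owns coa gets it, the claimant may not

    def second_bu(self, hoa, coa, mac):
        """BU #2 must carry a valid MAC over the challenge; only then is the binding installed."""
        challenge = self.pending.pop((hoa, coa), None)
        if challenge is None:
            return False
        if hmac.compare_digest(proof(self.keys[hoa], challenge, hoa, coa), mac):
            self.bindings[hoa] = coa
            return True
        return False

class MobileNode:
    def __init__(self, hoa, key):
        self.hoa, self.key, self.challenges = hoa, key, {}
    def on_challenge(self, hoa, coa, challenge):
        if hoa == self.hoa:                      # a bystander ignores challenges for a HoA it does not own
            self.challenges[coa] = challenge
    def complete(self, ha, coa):
        # Second BU: if no challenge ever arrived at this CoA, the MN has nothing valid to send
        challenge = self.challenges.get(coa, b"")
        return ha.second_bu(self.hoa, coa, proof(self.key, challenge, self.hoa, coa))

def run_scenario():
    keys = {"hoa-A": b"key-A", "hoa-B": b"key-B"}        # constructed sample keys
    ha = HomeAgent(keys)
    claimant, bystander = MobileNode("hoa-A", keys["hoa-A"]), MobileNode("hoa-B", keys["hoa-B"])
    ha.links["coa-1"], ha.links["coa-2"] = claimant, bystander
    ha.first_bu("hoa-A", "coa-1"); ok = claimant.complete(ha, "coa-1")    # its real CoA: verified
    ha.first_bu("hoa-A", "coa-2"); bad = claimant.complete(ha, "coa-2")   # someone else's address: rejected
    return ok, bad, dict(ha.bindings)
```

The second call shows the point of the check: a registrant that cannot receive at the address it claims never sees the challenge, so the binding that would redirect traffic there is not installed.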