Re: [MEXT] re-direction attack on MCoA

"George Tsirtsis" <tsirtsis@googlemail.com> Thu, 31 January 2008 11:08 UTC

From: George Tsirtsis <tsirtsis@googlemail.com>
To: Suresh Krishnan <suresh.krishnan@ericsson.com>
Subject: Re: [MEXT] re-direction attack on MCoA
Cc: Julien Laganier <julien.laganier@laposte.net>, mext@ietf.org
List-Id: Mobile IPv6 EXTensions WG <mext.ietf.org>

I am of course also interested in this work. I guess we already have
enough people to get the ball rolling on this.

Thanks
George

On Jan 31, 2008 10:59 AM, Suresh Krishnan <suresh.krishnan@ericsson.com> wrote:
> Hi Marcelo,
>   I am willing to work on a generic MIPv6 threats document along with the other interested people.
>
> Cheers
> Suresh
>
> -----Original Message-----
> From: marcelo bagnulo braun [mailto:marcelo@it.uc3m.es]
> Sent: January 31, 2008 11:13 AM
> To: Wassim Haddad
> Cc: Julien Laganier; mext@ietf.org
>
> Subject: Re: [MEXT] re-direction attack on MCoA
>
>
> On 30/01/2008, at 19:16, Wassim Haddad wrote:
> >
> > => As there is a clear interest in the redirection attack on the HA
> > side, I volunteer to do some work on this one.
> >
>
> I think the work should be general to all residual threats on MIP as
> George mentioned, I think this would be more interesting since it
> would allow us to put the different threats in perspective and figure
> out which ones we should address.
>
>
>
> >
> > Regards,
> >
> > Wassim H.
> >
> >
> >> On 30/01/2008, at 18:19, Wassim Haddad wrote:
> >>
> >>> Hi Marcelo,
> >>> IMHO, this topic has to be included as a new item in the new
> >>> charter and
> >>> should not be limited to MCoA.
> >>> Regards,
> >>> Wassim H.
> >>> On Wed, 30 Jan 2008, marcelo bagnulo braun wrote:
> >>>> Pascal,
> >>>> The question at this point is the following one: do you think
> >>>> that this threat should be addressed in the MCoA draft itself?
> >>>> Comments?
> >>>> Regards, marcelo
> >>>> On 30/01/2008, at 10:09, Pascal Thubert (pthubert) wrote:
> >>>>> I agree with Wassim on both mails.
> >>>>> There's also the situation where the MN/MR might be fooled by the
> >>>>> visited network into believing that the CoA (or its prefix if a
> >>>>> network
> >>>>> is attacked as opposed to a host) is on the visited link. DSMIP
> >>>>> is also
> >>>>> exposed, in particular with IPv4 CoAs.
> >>>>> There are many scenarios that do not involve high mobility where
> >>>>> a 3-way
> >>>>> or a 4-way handshake could be used to verify the CoA. We have
> >>>>> proposed
> >>>>> such a test in section 6 of the RRH draft that uses a triggered
> >>>>> 2nd BU
> >>>>> flow to verify the CoA in the first one:
> >>>>> http://tools.ietf.org/html/draft-thubert-nemo-reverse-routing-header-07#section-6
> >>>>> Pascal
> >>>>>> -----Original Message-----
> >>>>>> From: Wassim Haddad [mailto:whaddad@tcs.hut.fi]
> >>>>>> Sent: Wednesday 30 January 2008 09:32
> >>>>>> To: Benjamin Lim
> >>>>>> Cc: 'Julien Laganier'; mext@ietf.org
> >>>>>> Subject: RE: [MEXT] re-direction attack on MCoA
> >>>>>> On Wed, 30 Jan 2008, Benjamin Lim wrote:
> >>>>>>> All in all, what I am trying to say is that tracing only
> >>>>>>> limits the
> >>>>>>> effect of the attack from escalating further and not
> >>>>>>> preventing it.
> >>>>>> => which (again) also perfectly applies to a single CoA.
> >>>>>> Regards,
> >>>>>> Wassim H.
> >>>>>> _______________________________________________
> >>>>>> MEXT mailing list
> >>>>>> MEXT@ietf.org
> >>>>>> https://www1.ietf.org/mailman/listinfo/mext
> >>
>
>
