Re: [MEXT] re-direction attack on MCoA
"George Tsirtsis" <tsirtsis@googlemail.com> Thu, 31 January 2008 11:08 UTC
Return-path: <mext-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1JKXH6-0005P8-Su; Thu, 31 Jan 2008 06:08:08 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1JKXH5-0005NI-O0 for mext@ietf.org; Thu, 31 Jan 2008 06:08:07 -0500
Received: from py-out-1112.google.com ([64.233.166.183]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1JKXH3-0000Bl-JH for mext@ietf.org; Thu, 31 Jan 2008 06:08:07 -0500
Received: by py-out-1112.google.com with SMTP id x19so710311pyg.24 for <mext@ietf.org>; Thu, 31 Jan 2008 03:08:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=Y0u1XV69Q3W+WzB9Z0yklpvrOVH5xqOgIeoQFtFDqm0=; b=lRmy38IQ2UGa6+bsia1KzNEUmaTGT+KiPeAP0Q9hYpKEvuikAPSjvn051O1cfbMLgH8lUrRtJOzggmlN8cAWfTR9XEdF62aTZSIMlmr2oiSKSVvePde164QUgypGLIb94tzO+kAz5RJXTOpzZ3A/6G4mhMa63xL87/sDIKuBHOU=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=Mtuq9pntYUHczlYJU9b/5ntMvhi8/5dJzx8b78ReMSCP8F8IkzZcjZigfxLBMuxhrT1DAj4wLfOQ6boErNKV0aoAT9xlCRVVOXqGJ0C1fL9nWTqaxvy4DkVclhJGBfl4QJ4A8nJIZ55+vkbXCk9VeCC0aOejlnm7wuu+dLLeNbI=
Received: by 10.142.105.14 with SMTP id d14mr1003663wfc.67.1201777684651; Thu, 31 Jan 2008 03:08:04 -0800 (PST)
Received: by 10.142.165.1 with HTTP; Thu, 31 Jan 2008 03:08:04 -0800 (PST)
Message-ID: <d3886a520801310308u937f976u214dff17a050d97b@mail.gmail.com>
Date: Thu, 31 Jan 2008 11:08:04 +0000
From: George Tsirtsis <tsirtsis@googlemail.com>
To: Suresh Krishnan <suresh.krishnan@ericsson.com>
Subject: Re: [MEXT] re-direction attack on MCoA
In-Reply-To: <6D19CA8D71C89C43A057926FE0D4ADAA232B6D@ecamlmw720.eamcs.ericsson.se>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
References: <7892795E1A87F04CADFCCF41FADD00FC051C02A0@xmb-ams-337.emea.cisco.com> <4C47BAA9-BA58-45F7-BDCF-2C050118BACE@it.uc3m.es> <Pine.LNX.4.64.0801301915130.30941@rhea.tcs.hut.fi> <F9F7F253-DC2E-4F89-B235-6C00A981425B@it.uc3m.es> <Pine.LNX.4.64.0801302010130.30941@rhea.tcs.hut.fi> <E4A82F11-1FA6-4908-A466-EC839FD7C315@it.uc3m.es> <6D19CA8D71C89C43A057926FE0D4ADAA232B6D@ecamlmw720.eamcs.ericsson.se>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 67c1ea29f88502ef6a32ccec927970f0
Cc: Julien Laganier <julien.laganier@laposte.net>, mext@ietf.org
X-BeenThere: mext@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Mobile IPv6 EXTensions WG <mext.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/mext>, <mailto:mext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/mext>
List-Post: <mailto:mext@ietf.org>
List-Help: <mailto:mext-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/mext>, <mailto:mext-request@ietf.org?subject=subscribe>
Errors-To: mext-bounces@ietf.org
I am of course also interested in this work. I guess we already have enough people to get the ball rolling on this. Thanks George On Jan 31, 2008 10:59 AM, Suresh Krishnan <suresh.krishnan@ericsson.com> wrote: > Hi Marcelo, > I am willing to work on a generic MIPv6 threats document along with the other interested people. > > Cheers > Suresh > > -----Original Message----- > From: marcelo bagnulo braun [mailto:marcelo@it.uc3m.es] > Sent: January 31, 2008 11:13 AM > To: Wassim Haddad > Cc: Julien Laganier; mext@ietf.org > > Subject: Re: [MEXT] re-direction attack on MCoA > > > El 30/01/2008, a las 19:16, Wassim Haddad escribió: > > > > => As there is a clear interest in the redirection attack on the HA > > side, I volunteer to do some work on this one. > > > > I think the work should be general to all residual threats on MIP as > George mentioned, i think this would be more interesting since it > would allow us to put the different threats in perspective and figure > out which ones we should address. > > > > > > > Regards, > > > > Wassim H. > > > > > >> El 30/01/2008, a las 18:19, Wassim Haddad escribió: > >> > >>> Hi Marcelo, > >>> IMHO, this topic has to be included as a new item in the new > >>> charter and > >>> should not be limited to MCoA. > >>> Regards, > >>> Wassim H. > >>> On Wed, 30 Jan 2008, marcelo bagnulo braun wrote: > >>>> Pascal, > >>>> The question at this point is the following one: do you think > >>>> that this threat should be addressed in the MCoA draft itself? > >>>> comments? > >>>> Regards, marcelo > >>>> El 30/01/2008, a las 10:09, Pascal Thubert (pthubert) escribió: > >>>>> I agree with Wassim on both mails. > >>>>> There's also the situation where the MN/MR might be fooled by the > >>>>> visited network into believing that the CoA (or its prefix if a > >>>>> network > >>>>> is attacked as opposed to a host) is on the visited link. DSMIP > >>>>> is also > >>>>> exposed, in particular with IPv4 CoAs. > >>>>> There are many scenarios that do not involve high mobility were > >>>>> a 3-way > >>>>> or a 4-way handshake could be used to verify the CoA. We have > >>>>> proposed > >>>>> such a test in section 6 of the RRH draft that uses a triggered > >>>>> 2nd BU > >>>>> flow to verify the CoA in the first one: > >>>>> http://tools.ietf.org/html/draft-thubert-nemo-reverse-routing-header-07# > >>>>> section-6 > >>>>> Pascal > >>>>>> -----Original Message----- > >>>>>> From: Wassim Haddad [mailto:whaddad@tcs.hut.fi] > >>>>>> Sent: mercredi 30 janvier 2008 09:32 > >>>>>> To: Benjamin Lim > >>>>>> Cc: 'Julien Laganier'; mext@ietf.org > >>>>>> Subject: RE: [MEXT] re-direction attack on MCoA > >>>>>> On Wed, 30 Jan 2008, Benjamin Lim wrote: > >>>>>>> All in all, what I am trying to say is that tracing only > >>>>>>> limits the > >>>>>>> effect of the attack from escalating further and not > >>>>>>> preventing it. > >>>>>> => which (again) also perfectly applies to a single CoA. > >>>>>> Regards, > >>>>>> Wassim H. > >>>>>> _______________________________________________ > >>>>>> MEXT mailing list > >>>>>> MEXT@ietf.org > >>>>>> https://www1.ietf.org/mailman/listinfo/mext > >>>>> _______________________________________________ > >>>>> MEXT mailing list > >>>>> MEXT@ietf.org > >>>>> https://www1.ietf.org/mailman/listinfo/mext > >>> _______________________________________________ > >>> MEXT mailing list > >>> MEXT@ietf.org > >>> https://www1.ietf.org/mailman/listinfo/mext > >> > > _______________________________________________ > > MEXT mailing list > > MEXT@ietf.org > > https://www1.ietf.org/mailman/listinfo/mext > > > _______________________________________________ > MEXT mailing list > MEXT@ietf.org > https://www1.ietf.org/mailman/listinfo/mext > > _______________________________________________ > MEXT mailing list > MEXT@ietf.org > https://www1.ietf.org/mailman/listinfo/mext > _______________________________________________ MEXT mailing list MEXT@ietf.org https://www1.ietf.org/mailman/listinfo/mext
- [MEXT] re-direction attack on MCoA RYUJI WAKIKAWA
- RE: [MEXT] re-direction attack on MCoA Benjamin Lim
- Re: [MEXT] re-direction attack on MCoA marcelo bagnulo braun
- Re: [MEXT] re-direction attack on MCoA RYUJI WAKIKAWA
- Re: [MEXT] re-direction attack on MCoA Wassim Haddad
- Re: [MEXT] re-direction attack on MCoA Vijay Devarapalli
- RE: [MEXT] re-direction attack on MCoA Benjamin Lim
- RE: [MEXT] re-direction attack on MCoA Benjamin Lim
- Re: [MEXT] re-direction attack on MCoA George Tsirtsis
- Re: [MEXT] re-direction attack on MCoA Julien Laganier
- Re: [MEXT] re-direction attack on MCoA Wassim Haddad
- RE: [MEXT] re-direction attack on MCoA Benjamin Lim
- RE: [MEXT] re-direction attack on MCoA Benjamin Lim
- RE: [MEXT] re-direction attack on MCoA Wassim Haddad
- RE: [MEXT] re-direction attack on MCoA Pascal Thubert (pthubert)
- Re: [MEXT] re-direction attack on MCoA marcelo bagnulo braun
- Re: [MEXT] re-direction attack on MCoA marcelo bagnulo braun
- Re: [MEXT] re-direction attack on MCoA Wassim Haddad
- Re: [MEXT] re-direction attack on MCoA marcelo bagnulo braun
- Re: [MEXT] re-direction attack on MCoA Wassim Haddad
- RE: [MEXT] re-direction attack on MCoA Benjamin Lim
- RE: [MEXT] re-direction attack on MCoA Benjamin Lim
- Re: [MEXT] re-direction attack on MCoA marcelo bagnulo braun
- RE: [MEXT] re-direction attack on MCoA Suresh Krishnan
- Re: [MEXT] re-direction attack on MCoA George Tsirtsis
- Re: [MEXT] re-direction attack on MCoA Jean-Michel Combes
- Re: [MEXT] re-direction attack on MCoA RYUJI WAKIKAWA
- Re: [MEXT] re-direction attack on MCoA marcelo bagnulo braun
- Re: [MEXT] re-direction attack on MCoA Pascal Thubert (pthubert)
- Re: [MEXT] re-direction attack on MCoA marcelo bagnulo braun
- [MEXT] MIP threats (Re: re-direction attack on MC… Lakshminath Dondeti
- Re: [MEXT] MIP threats (Re: re-direction attack o… marcelo bagnulo braun
- Re: [MEXT] MIP threats (Re: re-direction attack o… George Tsirtsis