Re: [MEXT] tsv-dir review of draft-ietf-mext-nemo-v4traversal-06.txt
Colin Perkins <csp@csperkins.org> Mon, 01 December 2008 12:28 UTC
Return-Path: <mext-bounces@ietf.org>
X-Original-To: monami6-archive@megatron.ietf.org
Delivered-To: ietfarch-monami6-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1])
by core3.amsl.com (Postfix) with ESMTP id 15E603A6A89;
Mon, 1 Dec 2008 04:28:19 -0800 (PST)
X-Original-To: mext@core3.amsl.com
Delivered-To: mext@core3.amsl.com
Received: from localhost (localhost [127.0.0.1])
by core3.amsl.com (Postfix) with ESMTP id 4B97B3A6879;
Mon, 1 Dec 2008 02:13:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.074
X-Spam-Level:
X-Spam-Status: No, score=-6.074 tagged_above=-999 required=5 tests=[AWL=0.513,
BAYES_00=-2.599, GUARANTEED_100_PERCENT=0.012,
RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32])
by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id 5BKPplv0LhUP; Mon, 1 Dec 2008 02:13:30 -0800 (PST)
Received: from mr1.dcs.gla.ac.uk (mr1.dcs.gla.ac.uk [130.209.249.184])
by core3.amsl.com (Postfix) with ESMTP id 44D823A63EC;
Mon, 1 Dec 2008 02:13:30 -0800 (PST)
Received: from starkperkins.demon.co.uk ([80.176.158.71]:60194
helo=[192.168.0.4])
by mr1.dcs.gla.ac.uk with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.42)
id 1L75mO-00042I-La; Mon, 01 Dec 2008 10:13:24 +0000
In-Reply-To: <C559F2E3.A7CA%hesham@elevatemobile.com>
References: <C559F2E3.A7CA%hesham@elevatemobile.com>
Mime-Version: 1.0 (Apple Message framework v753.1)
Message-Id: <5B953275-471A-40FF-B923-EB697AA96CA8@csperkins.org>
From: Colin Perkins <csp@csperkins.org>
Date: Mon, 1 Dec 2008 10:13:21 +0000
To: Hesham Soliman <hesham@elevatemobile.com>
X-Mailer: Apple Mail (2.753.1)
X-Mailman-Approved-At: Mon, 01 Dec 2008 04:28:17 -0800
Cc: TSV Dir <tsv-dir@ietf.org>, ietf@ietf.org, "mext@ietf.org" <mext@ietf.org>
Subject: Re: [MEXT] tsv-dir review of draft-ietf-mext-nemo-v4traversal-06.txt
X-BeenThere: mext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Mobile IPv6 EXTensions WG <mext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/mext>,
<mailto:mext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/mext>
List-Post: <mailto:mext@ietf.org>
List-Help: <mailto:mext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mext>,
<mailto:mext-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"; DelSp="yes"
Sender: mext-bounces@ietf.org
Errors-To: mext-bounces@ietf.org
On 1 Dec 2008, at 09:00, Hesham Soliman wrote: >>> => Well, I'm not sure how a NAT can do that. You mean the NAT will >>> parse the binding update message deep inside the IPv6 extension >>> header in the inner IP packet? This is where the original address >>> is preserved. To do that, a NAT would have to understand the >>> various MIPv6 options, and if it did, it would know not to do >>> that :) The inner header is IPv6, so a NAT should not touch that. >> >> My understanding from the STUN work is that NATs have been observed >> which rewrite any sequence of four aligned bytes matching the source >> IP address, irrespective of its location within the packet (section >> 15.2 of RFC 5389). > > => Sounds freightning! May be we need to mandate encryption and > hope that no 4-byte sequence matched the IP address? What do they > do with encrypted packets? How do they know they're encrypted? One would assume these broken devices will potentially corrupt encrypted packets, the same as they will potentially corrupt any other packet. Hiding the source address when it appears in the payload (either by encryption, or using some trivial obfuscation as does STUN) simply reduces the probability of such corruption so it's no longer 100% guaranteed that the payload will be mangled. -- Colin Perkins http://csperkins.org/ _______________________________________________ MEXT mailing list MEXT@ietf.org https://www.ietf.org/mailman/listinfo/mext
- Re: [MEXT] tsv-dir review of draft-ietf-mext-nemo… Hesham Soliman
- Re: [MEXT] tsv-dir review of draft-ietf-mext-nemo… Colin Perkins
- Re: [MEXT] tsv-dir review of draft-ietf-mext-nemo… Hesham Soliman
- Re: [MEXT] tsv-dir review of draft-ietf-mext-nemo… Hesham Soliman
- Re: [MEXT] tsv-dir review of draft-ietf-mext-nemo… Colin Perkins
- Re: [MEXT] [tsv-dir] tsv-dir review of draft-ietf… Magnus Westerlund
- Re: [MEXT] [tsv-dir] tsv-dir review of draft-ietf… Colin Perkins
- Re: [MEXT] [tsv-dir] tsv-dir review of draft-ietf… Matt Mathis
- Re: [MEXT] [tsv-dir] tsv-dir review of draft-ietf… Rémi Denis-Courmont
- Re: [MEXT] tsv-dir review of draft-ietf-mext-nemo… Jari Arkko
- Re: [MEXT] tsv-dir review of draft-ietf-mext-nemo… Colin Perkins
- Re: [MEXT] tsv-dir review of draft-ietf-mext-nemo… Dan Wing