Re: I-D ACTION:draft-ietf-rtgwg-rfc3682bis-08.txt

Pekka Savola <pekkas@netcore.fi> Fri, 15 December 2006 07:55 UTC

Date: Fri, 15 Dec 2006 09:54:50 +0200
From: Pekka Savola <pekkas@netcore.fi>
To: rtgwg@ietf.org
In-Reply-To: <E1GuxWk-00089P-7s@stiedprstage1.ietf.org>
Message-ID: <Pine.LNX.4.64.0612150950590.28531@netcore.fi>
References: <E1GuxWk-00089P-7s@stiedprstage1.ietf.org>

On Thu, 14 Dec 2006, Internet-Drafts@ietf.org wrote:
> 	Title		: The Generalized TTL Security Mechanism (GTSM)
> 	Author(s)	: V. Gill, et al.
> 	Filename	: draft-ietf-rtgwg-rfc3682bis-08.txt
> 	Pages		: 17
> 	Date		: 2006-12-14
>
> The use of a packet's Time to Live (TTL) (IPv4) or Hop Limit (IPv6)
>   to verify whether the packet was originated by an adjacent node on a
>   connected link has been used in many recent protocols.  This document
>   generalizes this technique.  This document obsoletes RFC 3682.
>
> A URL for this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-ietf-rtgwg-rfc3682bis-08.txt

This draft has been significantly revised.  I'd recommend everyone to 
take a look at it.  See the diffs etc at: 
http://tools.ietf.org/wg/rtgwg/draft-ietf-rtgwg-rfc3682bis/

Appendix C.1.  Changes between -07 and -08

    o  Describe the assumption of ingress filtering to protect against
       on-link attacks.

    o  Rewrite the IP over MPLS section based on the new MPLS TTL
       handling procedure (from Carlos Pignataro) to get the details of
       new MPLS architecture right.

    o  Rephrase IP over IP tunneling section a bit, to make distinction
       between encapsulation and decapsulation behaviour clearer.

    o  Make it clearer in the tunneling section that unless the tunnel
       peer is also the protocol peer, GTSM should be able to offer
       protection.

    o  Describe better the applicability of GTSM when tunneling.

    o  Rephrase Multi-hop GTSM section to mainly refer to the difficult-
       to-quantify security properties as a reason for exclusion at this
       point.

    o  Some editorial updates.

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
