Re: [savi] Potential issue for all SAVI mechanisms?

"Joel M. Halpern" <jmh@joelhalpern.com> Fri, 09 September 2011 15:52 UTC

Message-ID: <4E6A369F.1070605@joelhalpern.com>
Date: Fri, 09 Sep 2011 11:54:07 -0400
From: "Joel M. Halpern" <jmh@joelhalpern.com>
To: Jean-Michel Combes <jeanmichel.combes@gmail.com>
Cc: SAVI Mailing List <savi@ietf.org>, Alberto García <alberto@it.uc3m.es>
Subject: Re: [savi] Potential issue for all SAVI mechanisms?

Agreed.  Our document should not describe the solution.  Joel

On 9/9/2011 11:05 AM, Jean-Michel Combes wrote:
> Hi Joel,
>
>
> 2011/9/6 Joel M. Halpern <jmh@joelhalpern.com>:
>
> [snip]
>
>>
>> It seems to me much better to note this vulnerability in SAVI, and leave it
>> there.
>
> Just a clarification: from your point of view, we just have to mention
> the issue without adding a potential solution (e.g.,
> http://www.ietf.org/mail-archive/web/savi/current/msg01675.html) to
> mitigate it, correct?
>
> Thanks.
>
> Yours,
>
> JMC.
>
>> If we want it fixed, 6man should simply instruct hosts not to accept RAs or
>> DHCPs in fragmented packets.
>>
>> Yours,
>> Joel
>>