Re: [savi] Potential issue for all SAVI mechanisms?

Jean-Michel Combes <jeanmichel.combes@gmail.com> Fri, 09 September 2011 15:04 UTC

Hi Fred,

Same clarification: from your point of view, we just have to mention
the issue without adding a potential solution to mitigate it, correct?

Thanks.

Yours,

JMC.

2011/9/6 Fred Baker <fred@cisco.com>:
>
> On Sep 6, 2011, at 10:37 AM, Joel M. Halpern wrote:
>> It seems to me much better to note this vulnerability in SAVI, and leave it there.
>> If we want it fixed, 6man should simply instruct hosts not to accept RAs or DHCPs in fragmented packets.
>
> Having 6man fix it makes sense to me. I'm not sure how we can fix it in SAVI without asking the switch to reassemble fragmented messages.