Re: [shim6] Problems with ULID (IP) over longer sessions.
Alberto García <alberto@it.uc3m.es> Thu, 29 April 2010 14:26 UTC
Return-Path: <alberto@it.uc3m.es>
X-Original-To: shim6@core3.amsl.com
Delivered-To: shim6@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 16C2128C1AA for <shim6@core3.amsl.com>; Thu, 29 Apr 2010 07:26:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.478
X-Spam-Level:
X-Spam-Status: No, score=-3.478 tagged_above=-999 required=5 tests=[AWL=-0.777, BAYES_60=1, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uVS1fRNC2Wa5 for <shim6@core3.amsl.com>; Thu, 29 Apr 2010 07:26:29 -0700 (PDT)
Received: from smtp03.uc3m.es (smtp03.uc3m.es [163.117.176.133]) by core3.amsl.com (Postfix) with ESMTP id C56BF28C266 for <shim6@ietf.org>; Thu, 29 Apr 2010 07:20:39 -0700 (PDT)
X-uc3m-safe: yes
Received: from bombo (bombo.it.uc3m.es [163.117.139.125]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by smtp03.uc3m.es (Postfix) with ESMTP id D4D11730FD3; Thu, 29 Apr 2010 16:20:20 +0200 (CEST)
From: Alberto García <alberto@it.uc3m.es>
To: 'Javier Ubillos' <jav@sics.se>, shim6@ietf.org
References: <1272457259.4126.63.camel@bit>
Date: Thu, 29 Apr 2010 16:20:18 +0200
Message-ID: <DD1BCF0217394718A07CF6EFF8493B0A@bombo>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-15"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Office Outlook 11
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579
In-Reply-To: <1272457259.4126.63.camel@bit>
Thread-Index: AcrmzYnqrZ00zkhNRnyqIk55ng6u2AAxJW0A
X-TM-AS-Product-Ver: IMSS-7.0.0.3116-6.0.0.1038-17352.007
Cc: 'Zhongxing Ming' <mingzx@126.com>
Subject: Re: [shim6] Problems with ULID (IP) over longer sessions.
X-BeenThere: shim6@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: SHIM6 Working Group Mailing List <shim6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/shim6>, <mailto:shim6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/shim6>
List-Post: <mailto:shim6@ietf.org>
List-Help: <mailto:shim6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/shim6>, <mailto:shim6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Apr 2010 14:26:30 -0000
Hi, | -----Mensaje original----- | De: shim6-bounces@ietf.org [mailto:shim6-bounces@ietf.org] En nombre de | Javier Ubillos | Enviado el: miércoles, 28 de abril de 2010 14:21 | Para: shim6@ietf.org | CC: Zhongxing Ming | Asunto: [shim6] Problems with ULID (IP) over longer sessions. | | Hi folks. | | Some time ago I heard a discussion about a potential issue with shim6. | That the Upper Layer Identifier (ULID), chosen as the first pair of | locators used in the communication, could cause | problems/confusion/somethingelse when those locators where no longer | used by the hosts. I.e not in the locator lists. That's not much precise... | | I'm unsure about the details of what would cause the problem or what the | consequences could be. | | My own first reaction is that if a software believes it's communicating | with an IP (a shim6 ULID), it might try to spawn more sockets/flows to | that IP. This is completely reasonable. If a Shim6 context exists for a communication, Shim6 will use the locators in use for the existing context, even if the ULIDs are no longer locators. RFC 5533 even supports establishing a new session for a ULID which is not a valid locator, by using other addresses and including the ULID as an option. Don't see here any problem. | | Have this kind of issues been discussed previously on this list? ( I | couldn't find any discussions about it). | Have any one on this list some more detailed thoughts/experience about | what could cause issues? | | I'm asking this because a couple of colleges and I are looking at using | alternative ULIDs which hopefully would be more of a match with session | identifiers/FQDNs or similar. Well, security issues for these alternative ULIDs should be carefully considered. Regards, Alberto | | Thank you | // Javier Ubillos
- [shim6] Problems with ULID (IP) over longer sessi… Javier Ubillos
- Re: [shim6] Problems with ULID (IP) over longer s… Alberto García
- Re: [shim6] Problems with ULID (IP) over longer s… Erik Nordmark
- Re: [shim6] Problems with ULID (IP) over longer s… Javier Ubillos
- Re: [shim6] Problems with ULID (IP) over longer s… Javier Ubillos
- Re: [shim6] Problems with ULID (IP) over longer s… Erik Nordmark
- Re: [shim6] Problems with ULID (IP) over longer s… Alberto García