Re: shim proxy (was Re: failure detection)

marcelo bagnulo braun <marcelo@it.uc3m.es> Tue, 23 August 2005 14:06 UTC

Envelope-to: shim6-data@psg.com
Delivery-date: Tue, 23 Aug 2005 14:05:52 +0000
Mime-Version: 1.0 (Apple Message framework v622)
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Message-Id: <6ab582b42bd0b68f9634a3572d827e26@it.uc3m.es>
Content-Transfer-Encoding: quoted-printable
Cc: shim6 <shim6@psg.com>
From: marcelo bagnulo braun <marcelo@it.uc3m.es>
Subject: Re: shim proxy (was Re: failure detection)
Date: Tue, 23 Aug 2005 16:06:39 +0200
To: Paul Jakma <paul@clubi.ie>

El 22/08/2005, a las 16:40, Paul Jakma escribió:

> On Mon, 22 Aug 2005, marcelo bagnulo braun wrote:
>
>> the problem is that the is no way to prove the binding between the 
>> identifier and their locator sets... i.e. any prefix could be used 
>> with any identifier and it would be ok, so any rewriting would be ok, 
>> hence the potential attacks...
>
> If, as a subset of all ULIDs, we allow a set of ULIDs to be composed 
> of a network identifier (ie the first 64 bits) and a host identifier 
> (last / least significant 64 bits), ie that the ULID essentially be a 
> valid IPv6 address (which the shim6 drafts anticipate being possible), 
> then the 'proxy' can have a static mapping which need only map the 
> /network/ portion of the ULID to the network portion of a locator. Ie 
> leaving the host portion unchanged.
>
> The security implications are no different from normal static 
> forwarding, as far as I can tell.
>


Not sure...

Some questions about the scheme that you are considering:
- What upper layer identifiers are used in the endpoints? in particular 
which prefixes do they contain? global unicast or a special purpose 
prefix (as in GSE)?
- Are the endpoints of the communication aware of the prefix sets 
(their own and the peer)? or just the proxy is aware of them?
- How do they (endpoint and/or proxy) learn the prefix set of the peer? 
how are they secured?
- How does the security mechanism for securing the prefix set and the 
identifier interact with the proxy and endpoint?

>> Perhaps you could try to evaluate how would such solution cope with 
>> the threats described in the threat analysis...
>
> I don't see the threat.

i was referring to the threats described in 
draft-ietf-multi6-multihoming-threats-03.txt which need to be dealt 
with

regards, marcelo


>
>> as i said, i consider this proxy capability to be really interesting, 
>> but i am afraid you are underestimating the security issues here.
>
> Possible :).
>
>> regards, marcelo
>
> regards,
> -- 
> Paul Jakma	paul@clubi.ie	paul@jakma.org	Key ID: 64A2FF6A
> Fortune:
> Don't put off for tomorrow what you can do today because if you enjoy 
> it today,
> you can do it again tomorrow.
>

Re: shim proxy (was Re: failure detection) marcelo bagnulo braun
Re: shim proxy (was Re: failure detection) Paul Jakma
Re: shim proxy (was Re: failure detection) marcelo bagnulo braun
Re: shim proxy (was Re: failure detection) Paul Jakma
shim proxy (was Re: failure detection) marcelo bagnulo braun