IETF Logo Mail Archive

[rbridge] Updated charter

sommerfeld at sun.com (Bill Sommerfeld) Sat, 29 January 2005 06:42 UTC

From: "sommerfeld at sun.com"
Date: Sat, 29 Jan 2005 06:42:53 +0000
Subject: [rbridge] Updated charter
In-Reply-To: <C58433C2-71DD-11D9-A2CE-000D93ACD0FE@it.uc3m.es>
References: <41F99A4C.1020701@sun.com> <95173CDE-7114-11D9-A2CE-000D93ACD0FE@it.uc3m.es> <41FA8C7A.80907@sun.com> <1106971684.2376.229.camel@thunk> <41FB1BFD.7070301@sun.com> <C58433C2-71DD-11D9-A2CE-000D93ACD0FE@it.uc3m.es>
Message-ID: <1107009668.5576.3561.camel@unknown.hamachi.org>
X-Date: Sat Jan 29 06:42:53 2005

On Sat, 2005-01-29 at 05:08, marcelo bagnulo braun wrote:

> but, wouldn't this render trivial to sniff any communication across the 
> whole bridged cloud?

Seems to me like the existing properties in the charter (allow nodes 
to move at will; zero delay on new node connection, etc) will already allow for
relatively trivial traffic hijacking, which, if anything, is worse than 
passive sniffing.

With both nodes getting the traffic you at least prevent that denial-of-service.

> i mean, i don't think it would acceptable to substitute routers by 
> rbridges if one of the costs is that anyone can sniff any 
> communication....

I want it to be acceptable to replace bridges with rbridges; I don't think it will
be acceptable to do that if you can spoof arp undetectably.

And nothing prevents the rbridge from locking down certain addresses when
local policy says to.

							- Bill

v2.23.0 | Report a Bug | By Email