Re: [v6ops] [EXTERNAL] Improving ND security

Ted Lemon <mellon@fugue.com> Fri, 31 July 2020 16:13 UTC

Return-Path: <mellon@fugue.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 14C9D3A0C66 for <v6ops@ietfa.amsl.com>; Fri, 31 Jul 2020 09:13:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LzpVyXovTcx7 for <v6ops@ietfa.amsl.com>; Fri, 31 Jul 2020 09:13:29 -0700 (PDT)
Received: from mail-qk1-x72e.google.com (mail-qk1-x72e.google.com [IPv6:2607:f8b0:4864:20::72e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4D1F13A0BCE for <v6ops@ietf.org>; Fri, 31 Jul 2020 09:12:52 -0700 (PDT)
Received: by mail-qk1-x72e.google.com with SMTP id b14so27552449qkn.4 for <v6ops@ietf.org>; Fri, 31 Jul 2020 09:12:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20150623.gappssmtp.com; s=20150623; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=ZFSKm57tuKvxfUZf26XprYQTFg4PePDFcGTmsAp679I=; b=d7Ji/8eNQlD4tkBzL2vk1rwdwCX6C/0SBCdZHy7zygko1KVa1Guai9nrHt9RSJBijH /LsDdSKuiPzPlE+daF9q12vKjZ3NimvkJJxZBU8UPt5OOGGITaZZUpdGh06tm5+OSbL6 Z4do7pKCTKJyjJlj4As6kDyduIpKT2dAPCnndZ26l2zmVW7qPUbbLSzAEfyZigX+6GHt XdjZDfDjRJITS5ov8m0brew7lTmlt5cSgU74j4NKfrw6aLAETghDVb2JLOfp2NJsATTU MwsylyQ/VOet+FFDrkMAIl+lFOulgX1ncNmO71TsXsgAyPT22tl2k9wOFtb6PcFRHN+R Tueg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=ZFSKm57tuKvxfUZf26XprYQTFg4PePDFcGTmsAp679I=; b=nLkIX0gzKqiByZFJi4b9V5Shdf5HLNEQa/lpfGoPDe/3ZRrny/mD8FGR+MJxJixf0a XmlYTAhhzetJpfCsfyfEnvRJuwtdZt/uKRmoFUg3eyV4LFW0ZrfrMyzx6yiIdiYIBlzN /pKfYKHhfXVZ6d7NE572RtnQwP9yqoYJR3uD3K2T2yh9qORZwk1Qc1ioATg5XmiAUV8+ LOUjB8eXqWr7oFf2fXSUYaWGkRQQGLHTHkUP3dF3BL2Kc2vhLf6M36uJEPGdsdNUTbHO TbDGSsp84PYFgWQTXPjkQ0fIVfoe0N/K581A11QE0zQreX8rDV6ZGlgyohP1jg7m5WxJ Ic9Q==
X-Gm-Message-State: AOAM5338PtBvOj0OGJGlHdo9oT7Yd5qNkPzyz/jDikaIhdq+11hLzNvp RrmMptnvRlkw9rIuRtE4iQ5gkQ==
X-Google-Smtp-Source: ABdhPJy7H1ZjLEUExzgL3Jv1EgQV1FT7fDv7kVaSeS9bHWqURgwaR5CHCd2ypcELQYi4MgzP4RjPXw==
X-Received: by 2002:a05:620a:15e9:: with SMTP id p9mr5056716qkm.38.1596211971436; Fri, 31 Jul 2020 09:12:51 -0700 (PDT)
Received: from ?IPv6:2601:18b:300:36ee:1d5e:d83c:760:89f9? ([2601:18b:300:36ee:1d5e:d83c:760:89f9]) by smtp.gmail.com with ESMTPSA id c9sm8339449qkm.44.2020.07.31.09.12.50 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 31 Jul 2020 09:12:51 -0700 (PDT)
From: Ted Lemon <mellon@fugue.com>
Message-Id: <25FAEE9A-3D14-4428-A573-5EFE863219D2@fugue.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_781F7F06-DE41-4D90-83CC-D5F4F2D3C17B"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.1\))
Date: Fri, 31 Jul 2020 12:12:49 -0400
In-Reply-To: <caa62d8d93594f7ea445a403fac8c140@boeing.com>
Cc: "Pascal Thubert (pthubert)" <pthubert=40cisco.com@dmarc.ietf.org>, v6ops list <v6ops@ietf.org>, 6man <ipv6@ietf.org>
To: "Templin (US), Fred L" <Fred.L.Templin@boeing.com>
References: <96fa6d80137241dd9b57fcd871c8a897@huawei.com> <CAFU7BARePzdeU5DFgoOWyrF0xZCj67_xkC2t8vMN2nH0d8aUig@mail.gmail.com> <37e2a7110f6b423eba0303811913f533@huawei.com> <CAFU7BATiD8RkiWXjrxGuAJU-BUwRQCErYZivUPZ-Mc_up_qGxQ@mail.gmail.com> <aebc46c9b813477b9ae0db0ef33e7bd9@huawei.com> <CAO42Z2yL7+GbO6QRaNzFYoBXLF-JZ2NfwgTTt2zerKhJLwt2Lw@mail.gmail.com> <3C1ECB6F-E667-4200-964F-AB233A0A56E9@cisco.com> <91D98D51-4045-4331-A711-8387ECE73400@fugue.com> <a43ffd94d6364a0f869cd4c694ab7432@boeing.com> <5FB3E98B-6CEE-458C-90B7-E6FD73C7AFDE@fugue.com> <caa62d8d93594f7ea445a403fac8c140@boeing.com>
X-Mailer: Apple Mail (2.3608.120.23.2.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/pez-0wL37ylZaBvxLwb1a6gbhAE>
Subject: Re: [v6ops] [EXTERNAL] Improving ND security
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Jul 2020 16:13:37 -0000

On Jul 31, 2020, at 12:10 PM, Templin (US), Fred L <Fred.L.Templin@boeing.com> wrote:
> I like SEND, and it is written into my documents – is that enough of a push, or do I need
> to do more aggressive marketing? Interested in helping?

The push would have to be from somebody producing software that has broad reach. And it would have to solve a real problem or nobody with that reach would try to do it.

Does it solve the problem Owen was talking about (overloading neighbor tables as an attack)?  Is there agreement that this is a serious problem in any case?