SEND and DAD optimization (was Re: [DNA-BOF] DAD Optimization ProblemStatement)

[Greg Daley <greg.daley@eng.monash.edu.au>]

Hi Jari,

Jari Arkko wrote:
> Youn-Hee Han wrote:
> 
>> I and Soohong have been writing a problem statement draft for DAD 
>> optimization. Although we seems to need a more discussion about the 
>> exact definition of 'DAD optimization',
>> we hope that our works will help us discuss about it.
>>
>> You can see an incomplete version of the draft in the following link;
>> http://myhome.personaldb.net/bluebibi/dadopti/draft-han-dna-dadopti-problem-statement-00.txt 
>>
>>
>> And, we can think another problems as follows.
>> The followings are not contained in the current document.
>>
>>   [Possible subjects 1]
>>     The basic DAD procedure is very vulnerable to a simple Denial-
>>     of-Service attack.  Basically, an attacker simply prevents a     
>> node from getting a link local address by claiming to have that     
>> particular address. 
> 
> 
> This is currently being take care of by the Secure Neighbor
> Discovey (SEND) Working Group. See draft-ietf-send-ipsec-01.txt
> (to be replaced soon by draft-ietf-send-ndopts-00.txt, but
> that's a detail...)
> 
> So, I wouldn't recommend tackling this problem here
> for the basic DAD vulnerability. However, it would
> very helpful if the new optimized DAD specification
> was already SEND-compliant, in some manner TBD.

I'm pretty sure that SEND is the solution to this problem,
too.

Should we need to mention the problem with DoS, and talk about
SEND in this document?

I'm sure that the compatability which you mentioned above will
need to be in any requirements document on DAD optimization.

Greg