RE: [DNA] RE: draft-ietf-dna-link-information-03
>Additionally, protocol stack
>may also use some upper layer mechanisms to achieve partial protection
>against situations where incorrect event notifications are generated (e.g.,
>upper-layer confirmation of the link-layer event).
Are you referring to DNA itself here? (e.g. use of SEND)
>When the link-layer and the network-layer reside on separate nodes as in a
>distributed stack implementation, the event notifications MUST be
>authenticated, replay and integrity protected as they are delivered. The
>specific mechanisms to achieve the security of notifications are outside
>the scope of this document.
It seems odd to be making strong normative statements at the same time it is
stated that the mechanisms to achieve the mandates are out of scope.
Overall, I think there is still a missing piece here relating to damping.
It is one thing for an attacker to be able to execute a DoS attack on one
node; it is another to be able to leverage that node's DNA implementation
to DoS others on the same network, or across the Internet.