Security considerations of the ICMPv6 draft

[Fernando Gont]

Folks,
I sent some comments off-list to Mukesh, and he suggested to raise them on 
the list.

I think the ICMPv6 draft should add some words to raise awareness about 
ICMP-based attacks that can be performed against transport protocols.

For example, the current draft suggest IPsec, or no checks at all on the 
received ICMP error mesasges.

As pointed out by Pekka:
By the way, one additional ICMP attack that could possibly be included in 5.2:
   6. As the ICMP messages are passed to the upper-layer processes, it
      is possible to perform attacks on the upper layer protocols
      (e.g., TCP) with ICMP [TCP-attack].  Protecting the upper layer
      with IPsec mitigates this problem, though the upper layers may
      also perform some form of validation of ICMPs on their own.
Where [TCP-attack] is an informative reference to 
draft-gont-tcpm-icmp-attacks-03.txt.

Another issue that may be worth considering is suggesting that the 
so-called "hard errors" should not necessarily be considered "hard". While 
there's no RFC 1122 for IPv6 (and thus you might say there's no such thing 
as "hard errors" and "soft errors" in v6), I think everyone will 
extrapolate RFC 1122's statements on soft and hard errors to the ICMPv6 
specification.

--
Fernando Gont
e-mail: [EMAIL PROTECTED] || [EMAIL PROTECTED]

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------