Teco, I am participating in IETF 85 remotely and Lee Howard went to the mic in today's session to relay this question (thanks, Lee!). However, I did not hear any answer. My question is: ---- Has any security analysis been done on the approach suggested in draft-boot-homenet-brdp? Is any security analysis planned? I see the Security Considerations section of the draft is "TBD" but on a brief read of the draft I worry an attacker could misuse it. ----
For instance, an immediate question in my mind was whether an attacker could somehow inject an advertisement with the "D" flag off and causing internal routers to believe that the Border Router is NOT acting as a DHCP server? Could an attacker inject modified BRIOs to, for instance, modify the cost of routes? Are these valid concerns? Or are they protected against by other mechanisms? I don't know. For someone new to reading this draft, it would be helpful to have some commentary in "Security Considerations" about how secure this proposal is. Just my 2 cents, Dan -- Dan York [email protected] http://www.danyork.me/ skype:danyork Phone: +1-802-735-1624 Twitter - http://twitter.com/danyork
_______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
