Hiya,

I suggest asking the chairs to hit the "request directorate" review
(iirc only they can see that button?) for an early secdir review.

For myself, I've not read the draft yet (I will over the next few
weeks) but have two questions while I'm here:

1) The first sentence seems to not say what to do if a packet comes
from a 1918 IPv4 address. Even if that's not supposed to happen, it
could be attempted. What's an implementation supposed to do then?

2) Again I need to read the rest of the draft, but does this mean
that anyone on that link of the homenet can inject these messages
without any authentication, and if so why is that ok? (I'm not
asking for now why doing better is too hard, just why it's ok for
any node on link to be able to play here.)

Cheers,
S.

On 25/07/17 21:27, Juliusz Chroboczek wrote:
> Dear all,
> 
> All security wizards are kindly requested to carefully read and if
> necessary criticise the following section:
> 
>   https://tools.ietf.org/html/draft-ietf-homenet-babel-profile-02#section-4
> 
> Nasty comments on list, please, compliments by private mail ;-)
> 
> Thanks,
> 
> -- Juliusz
> 
> _______________________________________________
> homenet mailing list
> homenet@ietf.org
> https://www.ietf.org/mailman/listinfo/homenet
> 

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
homenet mailing list
homenet@ietf.org
https://www.ietf.org/mailman/listinfo/homenet

Reply via email to