Michael, Please note the following sentence in the security considerations section: "the amplification effect in this case is similar to ICMPv6 error message, and specifically similar to Traceroute."
Sending a Loopback causes the exact same amplification as invoking the last packet of Traceroute, i.e., sending a packet with Hop Limit=number of hops to destination. Any amplification attack that can be invoked with Loopback could alternatively be invoked with any packet that has Hop Limit=number of hops to destination. Therefore, Loopback does not introduce a new attack vector. Cheers, Tal. On Wed, Jun 7, 2023 at 7:59 PM Michael Richardson <[email protected]> wrote: > > > Despite what the Security Considerations suggests, this still looks ripe for > use as an amplication attack to me. > > -- > Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting ) > Sandelman Software Works Inc, Ottawa and Worldwide > > > > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > [email protected] > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- _______________________________________________ Int-area mailing list [email protected] https://www.ietf.org/mailman/listinfo/int-area
