Jari T. Malinen wrote:

>>I'm afraid Mike's right here. Of course the weak authentication
>>can be rerun, but before it is rerun, many packets have gone
>>to /dev/null because the MN kept sending route optimized stuff
>>with HAOs, and the CN threw them away because of the security
>>issue.
> 
> Ah, let me clarify. Currently the way you describe of implementing
> MN is allowed because HAOs in the MIPv6 draft itself are not required
> to be protected. Here the question is what if we _did_ have the fix
> of always protecting the HAO, and with weak authentication.
> 
> I was thinking the other way to implement MN, to send a CN BU in
> good time before lifetime expires (soft timeout before hard one),
> even without receiving a BR. Once actual lifetime of BU in BUL is
> expired (hard timeout), MN knows it needs to re-start. Hence it
> also can know not to send those HAOs. I am not sure how hard state
> this is, the credentials would expire by hard timeout after communication
> is terminated. For robustness, there is BR, losing a BU would not
> break it since CN would send BR before hard timeout in CN side.

Ok. This sounds possible. But at least we need to add rules somewhere
that this needs to be done.

Jari


--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
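
The soft/hard timeout scheme discussed in this message, as an added example that is not code from the thread or from the MIPv6 draft. The timer values, the one-packet-per-tick traffic, the rerun delay and the loss pattern are constructed assumptions, and "BR+BU" lumps the CN's BR and the MN's answering BU into one step.

```python
# Added illustration; timer values and loss pattern are constructed assumptions.
def simulate(duration, lifetime=60, mn_soft=10, cn_br=5, lost=frozenset(),
             mn_tracks_expiry=True, rerun_delay=8):
    """Walk a timeline in 1-second ticks, one data packet per tick.

    Returns (events, dropped); dropped counts HAO packets the CN discards
    because the binding has passed its hard timeout.
    """
    expires = lifetime        # hard timeout, same on MN (BUL) and CN side
    restart_at = None         # tick at which the weak authentication is rerun
    events, dropped = [], 0
    for now in range(duration):
        if now >= expires:
            if restart_at is None:
                # An MN that tracks the BUL lifetime restarts at once and
                # sends no HAO; otherwise it notices only rerun_delay later.
                restart_at = now if mn_tracks_expiry else now + rerun_delay
            if now >= restart_at:
                events.append((now, "RESTART"))
                expires, restart_at = now + lifetime, None
            else:
                dropped += 1  # HAO sent on an expired binding, CN drops it
            continue
        soft = now == expires - mn_soft   # MN refreshes unprompted
        br = now == expires - cn_br       # CN sends BR, MN answers with a BU
        if soft or br:
            kind = "BU" if soft else "BR+BU"
            if now in lost:
                events.append((now, kind + " lost"))
            else:
                events.append((now, kind + " ok"))
                expires = now + lifetime
    return events, dropped

if __name__ == "__main__":
    for tracks in (True, False):
        print(tracks, simulate(100, lost={50, 55}, mn_tracks_expiry=tracks))
```

With both refresh attempts lost, the MN that tracks the hard timeout restarts without losing a packet, while the one that keeps sending HAOs loses every packet until the authentication is rerun.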
