Mohan Parthasarathy wrote:
> > Note that the MitM can also change the IP address, but if he > > does so, he is *not* attacking the original host, as the > > address is changed. > > > Ok. This is not very obvious (at least to me). It would be useful > to put this in some document. > > Is it possible that the MN can use both the RR and secure (that is > to be defined in the future) mechanism under different occasions ? > This means MN should be able to recognise both the addresses. > If MN sets the bit (means do something more secure than RR) and > attacker clears the bit, the response will still come back and > the assumption is MN will be able to detect this. Similarly, when > the bit is cleared but set by the attacker. I did not see a good > analysis on this (though I saw some references in Pekka's and your > other document). Perhaps missed it.. If a node wants to allow both RR and another more secure method, it can do so simply by allowing it on its RR address. Jari -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
