At 08:39 AM 11/7/2002 -0500, Keith Moore wrote:
Is this situation - a mobile node using site-local addresses moving to a new "site" - an opportunity for inadvertent (or possibly even malicious) TCP session hijacking? I.e., is the problem worse in the case of active applications that may be affected by the move to a new site?> > I don't follow your analogy. Let me try one of my own. Expecting > > apps to use SLs is like expecting that someone who is married to > > a person named "mary" will be equally satisfied with the person > > named "mary" in whatever town he happens to be in (if there is one), > > or that he'll be satisfied if he cannot telephone his wife (or reaches > > a different person) if he isn't in his hometown. > > Ah. I understand now, and this does highlight a potential problem. It's > not just about filtering traffic between sites. In the case where a node > leaves one site and moves to another, all site-scoped references to the old > site must be invalidated too.I hadn't thought of that case, but you are right. For a host using mobile-ip the site-local address is not necessarily more stable than the global address.
- Ralph
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
