On Sun May 31 16:57:43 2015 GMT+0100, Paul Wouters wrote: > On Wed, 27 May 2015, Stephen Farrell wrote: > > > - 2.5: "hand out" is an odd phrase here - would be better > > to expand on that I think and say more precisely what > > should never be done. > > How about:
Yep that's better. Ta S > > OLD: > > A rogue IKE peer could use malicious Traffic Selectors to obtain > access to traffic that the host never intended to hand out. > > NEW: > > A rogue IKE peer could use malicious Traffic Selectors to trick > a remote host into giving it IP traffc that the remote host never > intended to be send to remote IKE peers. For example, if the remote > host uses 192.0.2.1 as DNS server, a rogue IKE peer could set its > Traffic Selector to 192.0.2.1 in an attempt to receive the remote > peer's DNS traffic. > > Paul > > _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
