Re: draft-ietf-ipv6-deprecate-rh0-01-candidate-01

Wed, 13 Jun 2007 19:42:54 -0700 

At Wed, 13 Jun 2007 04:53:50 -0700,
Thomas Narten <[EMAIL PROTECTED]> wrote:

> > Abstract
> 
> >    The functionality provided by IPv6's Type 0 Routing Header can be
> >    exploited in order to achieve packet amplification for the purposes
> >    of generating denial-of-service traffic.  This document updates the
> >    IPv6 specification to deprecate the use of IPv6 Type 0 Routing
> >    Headers, in the light of the severity of this security concern.
> 
> The "amplification" terminology seems imprecise/wrong. When I think of
> amplification attacks, I think of one packet causing more packets to
> be generated or one packet resulting in a bigger response. I.e., there
> is amplification of the amount of data sent. In case at hand, packets
> are not amplified, they are just routed in a sort of loop. Is there
> more precise terminology that could be used? (Then again, maybe this
> particular terminology is already widely used here.)
> 
> >    The functionality provided by IPv6's Type 0 Routing Header can be
> >    exploited in order to achieve packet amplification for the purposes
> >    of generating denial-of-service traffic.  This document updates the
> 
> Seems like a sentence or two describing the exploitation itself would
> be good. Not a lot of detail, but more than just "it can be
> exploited". (Later, I see that you include such text in the security
> considerations section. I think it should be moved to (or included in)
> the beginning of the document.

To clarify the point: are you suggesting to add this to Abstract or to
Introduction?  I think it's too much for Abstract, but I agree it
would be worth adding to Introduction (in fact, having a mere copy of
Abstract in Introduction isn't really useful).

                                        JINMEI, Tatuya
                                        Communication Platform Lab.
                                        Corporate R&D Center, Toshiba Corp.
                                        [EMAIL PROTECTED]

--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------

Reply via email to