Hi Fred,

Two minor clarifications regarding SeND below:

Fred Baker wrote: 
> 
> On Sep 9, 2010, at 7:29 PM, Mark Smith wrote:
> >
> > SAVI and things like SeND are beneficial halfway measures, avoiding
> > full quarantining.
> 
> I would generally agree.
> 
> Just like being at a cocktail party, there is no way to know just how
> looped a neighbor is or how it will behave in that condition. What SeND
> tries to do is ensure that a system uses exactly one EID on an
> interface (if it has several prefixes, it will have several addresses,
> but the lower 64 bits will be what it has a key for).

SeND does not restrict a given system to using exactly one EID on an interface. A 
SeND node can configure as many CGAs as it wants per interface. SeND will then 
ensure that when a node does so and configures a CGA address, no other node 
can subsequently redirect traffic sent to that CGA address by spoofing ND 
signaling. Within a given subnet prefix, different CGAs can be configured out 
of multiple public-private key pairs, or out of the same public-private key 
pair, using different CGA Modifier values in the generation algorithm. 

> What SAVI tries
> to do is ensure that if one system is using an address, another system
> doesn't try to use it also. Only works in switched networks, as it is
> the switch that imposes the control. On the other hand, consider
> privacy addresses; one could easily imagine a system periodically
> changing its EID, or using more than one at a time, perfectly legally.
> SEND would preclude that, SAVI allows for it. BTW, both apply to
> conversations on-LAN, the kind that ONLY go through the switch.

As above, SeND would not preclude a system from periodically changing its EID. It 
can do so by generating new public-private key pairs, or simply by changing the 
CGA Modifier value used in the generation. Of course, if privacy is the 
motivation to do so, it might be better to change the public-private key pair 
as well, as otherwise on-link eavesdroppers would be able to link together 
successive CGAs based on the same public-private key pair being used to 
generate them and to sign ND signaling. (And one would also need to 
periodically change its L2 address if "linkability" is of concern...)

--julien
--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
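As an added illustration of the point made in the mail above, that one public-private key pair can yield several CGAs within the same prefix simply by varying the CGA Modifier, here is a minimal Sec=0 CGA generation and verification in Python following RFC 3972. This is example code, not from this mail or from any SeND implementation; the public keys, Modifier values and prefix are constructed placeholders, and the Sec>0 Hash2 search is deliberately not implemented.

```python
import hashlib
import ipaddress

# Constructed stand-ins for the DER-encoded public keys that a real SeND node
# would carry in its CGA Parameters; any byte string works for the hash below.
PUBKEY_A = b"constructed-public-key-A"
PUBKEY_B = b"constructed-public-key-B"
PREFIX = ipaddress.IPv6Network("2001:db8:1:2::/64")  # documentation prefix
MODIFIER_1 = bytes(range(0, 16))   # constructed 128-bit CGA Modifier values;
MODIFIER_2 = bytes(range(16, 32))  # a real node picks these at random

def cga_interface_id(modifier: bytes, prefix: bytes, collision_count: int,
                     pubkey: bytes, sec: int = 0) -> bytes:
    """RFC 3972 section 4 steps 4-6: Hash1 over the CGA Parameters, then
    stamp Sec into the three leftmost bits and clear the 'u' and 'g' bits."""
    if len(modifier) != 16 or len(prefix) != 8 or not 0 <= collision_count <= 2:
        raise ValueError("modifier 16 octets, prefix 8 octets, collision count 0..2")
    params = modifier + prefix + bytes([collision_count]) + pubkey
    iid = bytearray(hashlib.sha1(params).digest()[:8])
    iid[0] = (iid[0] & 0x1F) | (sec << 5)  # IID bits 0-2 carry the Sec value
    iid[0] &= 0xFC                         # IID bits 6 and 7 ('u', 'g') are zero
    return bytes(iid)

def generate_cga(prefix: ipaddress.IPv6Network, pubkey: bytes, modifier: bytes,
                 collision_count: int = 0) -> ipaddress.IPv6Address:
    """Sec=0 CGA: the Hash2 condition is vacuous, so no Modifier search is needed."""
    prefix_bytes = prefix.network_address.packed[:8]
    iid = cga_interface_id(modifier, prefix_bytes, collision_count, pubkey)
    return ipaddress.IPv6Address(prefix_bytes + iid)

def verify_cga(addr: ipaddress.IPv6Address, pubkey: bytes, modifier: bytes,
               collision_count: int = 0) -> bool:
    """RFC 3972 section 5: recompute the IID from the claimed CGA Parameters.
    Without the key that was hashed in, a node cannot make this succeed."""
    packed = addr.packed
    if not 0 <= collision_count <= 2:
        return False
    sec = packed[8] >> 5
    if sec != 0:
        return False  # only Sec=0 is implemented in this example
    expected = cga_interface_id(modifier, packed[:8], collision_count, pubkey, sec)
    return packed[8:] == expected

if __name__ == "__main__":
    a1 = generate_cga(PREFIX, PUBKEY_A, MODIFIER_1)
    a2 = generate_cga(PREFIX, PUBKEY_A, MODIFIER_2)  # same key pair, new Modifier
    print(a1, a2, a1 != a2)                          # two distinct CGAs, one key
    print(verify_cga(a1, PUBKEY_A, MODIFIER_1), verify_cga(a1, PUBKEY_B, MODIFIER_1))
```

Both addresses verify against PUBKEY_A, which is exactly the linkability the mail warns about when the key pair is kept across Modifier changes.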