On Mon, 2013-03-04 at 16:02 -0800, Bob Hinden wrote: > A Simple Secure Addressing Generation Scheme for IPv6 > AutoConfiguration > draft-rafiee-6man-ssas-01.txt > [...] > DHCPv6/SLAAC Address Configuration Interaction Problem Statement > draft-liu-bonica-dhcpv6-slaac-problem-01.txt > > We did not think there had been enough discussion or interest on the > w.g. list to guarantee a speaking slot. We allocated short slots at > the end of the session if there is time before the meeting ends. If > anyone (other than the authors) think one of these should be given > more time, please speak up.
For what it's worth it seems to me that there is a gaping hole around securing ND. IPSec is obviously ridiculous, SEND is only marginally less ridiculous. Maybe SSAS is a way forward? Or maybe noone else thinks ND needs to be secured? Maybe the meeting could attempt to gauge whether this is actually a real problem. I think it is, and I urge others to speak up if they too think this should be pursued. If there is a priority to these things, then sorting out the perceived and actual discrepancies\ and ambiguities in the meaning of the RA M and O flags would seem pretty important. Otherwise they will end up cemented into even more implementations than they are now. The way Windows handles them is just plain broken, and if the RFCs support that way of handling them, then the RFCs are broken. At very least this topic needs some impetus. Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer ([email protected]) http://www.biplane.com.au/kauer http://www.biplane.com.au/blog GPG fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A Old fingerprint: AE1D 4868 6420 AD9A A698 5251 1699 7B78 4EEE 6017 -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
