> -----Original Message----- > From: Fernando Gont [mailto:[email protected]] > Sent: Thursday, May 30, 2013 8:29 AM > To: Dave Thaler > Cc: [email protected]; Brian Haberman; [email protected]; Ray Hunter; > Alissa Cooper; Christian Huitema; tom.petch; He Xuan > Subject: Re: Comments on draft-ietf-6man-stable-privacy-addresses-07 > > On 05/29/2013 04:03 AM, Dave Thaler wrote: > >>>> [...] I could rely on the > >>>> ICMPv6 "address resolution failed" error messages sent by your > >>>> local router (i.e., if I receive one of such messages, you're not > >>>> there. If I don't, > >> you are). > >>> > >>> Ok, yes that one is interesting. > >> > >> An attacker just needs one vector to be successful. > > > > Agree. Putting the above example vector into the draft would help the > > reader understand the motivation for the problem. > > Isn't it enough simply noting that the target node can be probed? > Getting into the specific details of the probe packet > (stimulus/response) seems like "over-specifying" things to me...
My opinion is that this example is important, since the example is one where there's nothing the target node itself can do about it, which is non-obvious. Otherwise readers could be as confused as I was. So pointing it out adds significant clarity. -Dave -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
