On Jun 10, 2014, at 9:57 AM, Ronald Bonica <[email protected]> wrote:
> Earlier in this thread, we agreed that when LISP is deployed on the global > Internet, mapping information cannot be gleaned safely from incoming LISP > data packets. Following that train of thought, when LISP is deployed on the > global Internet, is it safe to glean routing locator reachability information > from incoming LISP data packets as described in RFC 6830, Section 6.3, bullet > 1. If not, I think that we need to mention this in the threats document. What you can glean is that the source RLOC is up, but you cannot glean your path to it is reachable. > Given that ICMP packets are easily spoofed, when LISP is deployed on the > global Internet, is it safe to glean routing locator reachability information > from incoming ICMP packets as described in RFC 6830, Section 6.3, bullet 2 > and bullet 4. If not, I think that we need to mention this in the threats > document. What you can glean is that the source RLOC is up, but you cannot glean your path to it is reachable. Dino _______________________________________________ lisp mailing list [email protected] https://www.ietf.org/mailman/listinfo/lisp
