On Jul 7, 2010, at 6:43 PM, Xu Xiaohu wrote:
> 
> Assume a mobile IP host H' encounters the same condition as the above mobile
> ILNP host H, H' could use any available IP address on subnet X as its CoA
> without dropping all of its on-going TCP/UDP connections since the CoA plays
> the PURE role of locator. That is to say, the sessions are bound to the HoA,
> rather than the CoA. 


If the malicious host chooses to attack the CoA, then the attacks that Steve 
outlines above can be applied as well.  Or, the malicious host can get even 
more primitive and simply duplicate any MAC that it sees on its subnet.

The fact of the matter is that if the link layer provides no authentication, 
then it's not an appropriate media for secure mobility.  Ergo, sites that are 
trying to supply true mobility should provide some form of link layer 
authentication (see 802.1x and better).

Most link layers that we associate with real mobility (i.e., cell protocols) do 
provide link layer authentication for precisely this reason.

Note that this is wholly independent of ILNP and mostly also independent of IP. 
Mobile DECnet would have the same issues.  ;-)

Tony

_______________________________________________
rrg mailing list
[email protected]
http://www.irtf.org/mailman/listinfo/rrg
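The "duplicate any MAC it sees on its subnet" attack Tony mentions leaves a visible trace in the neighbour tables of the other hosts on the link: one IP whose link-layer address changes, or one MAC claimed by several IPs. The following is an added detection sketch, not code from the thread or from any ILNP implementation; it parses constructed `ip neigh`-style dump lines (the addresses and MACs are made up) and reports both conditions. A shared MAC is only an indicator, since routers and VRRP/CARP groups share MACs legitimately, which is exactly why the thread's conclusion is that the link layer itself needs authentication rather than after-the-fact heuristics.

```python
"""Flag link-layer identity conflicts in `ip neigh` snapshots.

Added illustration, not code from the rrg thread: given two successive
neighbour-table dumps (constructed sample text below), report
(a) IP addresses whose link-layer address changed between snapshots and
(b) MAC addresses that more than one IP claims in the same snapshot.
Either is what a host cloning a MAC it saw on the subnet produces;
neither is proof, since routers and VRRP/CARP groups legitimately
share MACs.
"""
import re
from collections import defaultdict

# Matches lines like "192.0.2.10 dev eth0 lladdr 52:54:00:aa:bb:01 REACHABLE".
# Entries without an lladdr (FAILED/INCOMPLETE) do not match and are skipped.
NEIGH_RE = re.compile(
    r"^(?P<ip>\S+)\s+dev\s+(?P<dev>\S+)\s+lladdr\s+(?P<mac>[0-9a-f:]{17})\s+(?P<state>\S+)",
    re.IGNORECASE,
)


def parse_neigh(text):
    """Return {ip: mac} for every line that carries a link-layer address."""
    table = {}
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:
            table[m["ip"]] = m["mac"].lower()
    return table


def shared_macs(table):
    """MACs claimed by more than one IP in one snapshot -> {mac: sorted ips}."""
    by_mac = defaultdict(set)
    for ip, mac in table.items():
        by_mac[mac].add(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}


def changed_macs(before, after):
    """IPs whose lladdr differs between snapshots -> {ip: (old_mac, new_mac)}."""
    return {
        ip: (before[ip], after[ip])
        for ip in before
        if ip in after and before[ip] != after[ip]
    }


# Constructed sample snapshots (not real captures). In SNAP2 the host at
# 192.0.2.10 is suddenly answering with the MAC previously seen for .11.
SNAP1 = """\
192.0.2.1 dev eth0 lladdr 00:00:5e:00:01:01 REACHABLE
192.0.2.10 dev eth0 lladdr 52:54:00:aa:bb:01 STALE
192.0.2.11 dev eth0 lladdr 52:54:00:aa:bb:02 REACHABLE
192.0.2.12 dev eth0  FAILED
"""
SNAP2 = """\
192.0.2.1 dev eth0 lladdr 00:00:5e:00:01:01 REACHABLE
192.0.2.10 dev eth0 lladdr 52:54:00:aa:bb:02 REACHABLE
192.0.2.11 dev eth0 lladdr 52:54:00:aa:bb:02 REACHABLE
192.0.2.12 dev eth0 lladdr 52:54:00:aa:bb:03 REACHABLE
"""


def report(snap_before=SNAP1, snap_after=SNAP2):
    """Run both checks and return their findings keyed by check name."""
    before, after = parse_neigh(snap_before), parse_neigh(snap_after)
    return {"changed": changed_macs(before, after), "shared": shared_macs(after)}


if __name__ == "__main__":
    for kind, hits in report().items():
        for key, val in hits.items():
            print(f"{kind}: {key} -> {val}")
```

On a real host the two snapshots would come from `ip -4 neigh show dev eth0` (and `ip -6 neigh` for ND) taken a few seconds apart; the parser ignores entries with no link-layer address, so a neighbour that merely timed out does not count as a change.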
