> -----Original Message-----
> From: Tony Li [mailto:[email protected]]
> Sent: July 8, 2010 10:01
> To: Xu Xiaohu
> Cc: 'Steven Blake'; 'Robin Whittle'; 'RRG'
> Subject: Re: [rrg] ILNPv6 Mobility problem
>
>
> On Jul 7, 2010, at 6:43 PM, Xu Xiaohu wrote:
>
> > Assume a mobile IP host H' encounters the same condition as the above mobile
> > ILNP host H, H' could use any available IP address on subnet X as its CoA
> > without dropping all of its on-going TCP/UDP connections since the CoA plays
> > the PURE role of locator. That is to say, the sessions are bound to the HoA,
> > rather than the CoA.
>
> If the malicious host chooses to attack the CoA, then the attacks that Steve
> outlines above can be applied as well. Or, the malicious host can get even

The default gateway router of that subnet could simply deem the first accessed host (IP_x, MAC_y) legal and the second host (IP_x, MAC_z) illegal. Thus the malicious host could not grab the IP address which has been used by the legal host.

> more primitive and simply duplicate any MAC that it sees on its subnet.

Similarly, the switch could simply deem the first accessed host with MAC_y legal and the second host with the same MAC illegal.

Best wishes,
Xiaohu

> The fact of the matter is that if the link layer provides no authentication,
> then it's not an appropriate media for secure mobility. Ergo, sites that are
> trying to supply true mobility should provide some form of link layer
> authentication (see 802.1x and better).
>
> Most link layers that we associate with real mobility (i.e., cell protocols)
> do provide link layer authentication for precisely this reason.
>
> Note that this is wholly independent of ILNP and mostly also independent of
> IP. Mobile DECnet would have the same issues. ;-)
>
> Tony

_______________________________________________
rrg mailing list
[email protected]
http://www.irtf.org/mailman/listinfo/rrg
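The two "first accessed host is legal" checks proposed in the reply (gateway pinning IP -> MAC, switch pinning MAC -> port), written out as an added example that is not part of the thread; the addresses, MACs and port numbers are constructed sample data.

```python
"""First-seen binding check: pin the first observed binding, flag later conflicts."""
from dataclasses import dataclass, field


@dataclass
class FirstSeenBindings:
    """Pins the first binding seen for a key and reports any later conflict.

    Two instances model the two checks in the reply: the gateway pins
    IP address -> MAC, and the switch pins MAC -> ingress port.
    """
    name: str
    table: dict = field(default_factory=dict)

    def observe(self, key, value):
        """Return 'legal' if the binding is new or unchanged, 'illegal' on conflict."""
        pinned = self.table.setdefault(key, value)  # first arrival wins
        return "legal" if pinned == value else "illegal"


def run_gateway_and_switch(observations):
    """observations: (ip, mac, port) tuples in arrival order.

    Returns (ip, mac, port, gateway_verdict, switch_verdict) per observation.
    """
    gateway = FirstSeenBindings("gateway ip->mac")
    switch = FirstSeenBindings("switch mac->port")
    verdicts = []
    for ip, mac, port in observations:
        verdict_gw = gateway.observe(ip, mac)   # IP_x must keep its first MAC
        verdict_sw = switch.observe(mac, port)  # MAC_y must keep its first port
        verdicts.append((ip, mac, port, verdict_gw, verdict_sw))
    return verdicts


# Constructed sample traffic on subnet X: legal host first, attacker second.
SAMPLE = [
    ("192.0.2.10", "02:00:00:00:00:01", 1),  # legal host, first seen on port 1
    ("192.0.2.10", "02:00:00:00:00:01", 1),  # same host again: unchanged, legal
    ("192.0.2.10", "02:00:00:00:00:02", 7),  # second host claims IP_x with MAC_z
    ("192.0.2.11", "02:00:00:00:00:01", 7),  # MAC_y duplicated from another port
]

if __name__ == "__main__":
    for row in run_gateway_and_switch(SAMPLE):
        print(row)
```

The heuristic trusts whoever arrives first, which is also its limit: it does nothing for Tony's point that a link layer without authentication offers no basis for deciding who the legitimate first host was.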
