Hiya,
On 10/9/24 07:41, [email protected] wrote:
NEW As specified in Section 5 of [RFC5880], BFD Echo packets may be spoofed. Specifically for Unaffiliated BFD Echo, a DoS attacker maysend spoofed Unaffiliated BFD Echo packets to the loop-back device, so some form of authentication SHOULD be included.
I'm still not clear if you do or do not mean that B SHOULD be able to validate whatever authentication is included. If B doesn't check then it seems the DoS won't be mitigated, or am I still confused? Cheers, S.
OpenPGP_signature.asc
Description: OpenPGP digital signature
