BTW,I think we should describe this open resolver issue in CPE requirement. http://www.apricot2013.net/__data/assets/pdf_file/0009/58878/tom-paseka_1361839564.pdf
like a "The CPE MUST not be open resolver from WAN side." http://tools.ietf.org/html/draft-ietf-v6ops-6204bis and RFC1812 http://tools.ietf.org/html/rfc1812 What do you think? (2013/04/26 0:07), cb.list6 wrote: > Hi, > > Tom Taylor just sent a mail to behave on logging that piqued my interest. > > The MAP based solutions set is stateless. > > And therefore it has an elegant solution for those interested in attribution, > specifically in the context of law enforcement. > > Can someone explain where I can find a pointer on how the stateless mapping > holds up to spoofing from the MAP domain? Could a malicious user send bad > packets where this attribution model attributes the bad packets to a 3rd > party. > > If Alice and Bob are communicating, could Dec send a packets through the BR > appearing to be from Alice where destination is Bob. > > Stateless is great. But there is no chance that the MAP BR is not the new > open DNS resolver, right ? > > If this is already covered, a simple pointer is all I need. > > Will this type of attribution be sufficient for courts ? Or is it > circumstantial ? > > CB. > > > > _______________________________________________ > Softwires mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/softwires > _______________________________________________ Softwires mailing list [email protected] https://www.ietf.org/mailman/listinfo/softwires
