Re: I-D ACTION:draft-ietf-rtgwg-rfc3682bis-08.txt

From: Pekka Savola
Date: Fri, 15 Dec 2006 09:54:50 +0200 EET

On Thu, 14 Dec 2006, [email protected] wrote:
        Title           : The Generalized TTL Security Mechanism (GTSM)
        Author(s)       : V. Gill, et al.
        Filename        : draft-ietf-rtgwg-rfc3682bis-08.txt
        Pages           : 17
        Date            : 2006-12-14

The use of a packet's Time to Live (TTL) (IPv4) or Hop Limit (IPv6)
to verify whether the packet was originated by an adjacent node on a
connected link has been used in many recent protocols.  This document
generalizes this technique.  This document obsoletes RFC 3682.

A URL for this Internet-Draft is:

This draft has been significantly revised. I'd recommend everyone to
take a look at it. See the diffs etc at:

Appendix C.1.  Changes between -07 and -08

   o  Describe the assumption of ingress filtering to protect against
      on-link attacks.

   o  Rewrite the IP over MPLS section based on the new MPLS TTL
      handling procedure (from Carlos Pignataro) to get the details of
      new MPLS architecture right.

   o  Rephrase IP over IP tunneling section a bit, to make distinction
      between encapsulation and decapsulation behaviour clearer.

   o  Make it clearer in the tunneling section that unless the tunnel
      peer is also the protocol peer, GTSM should be able to offer

   o  Describe better the applicability of GTSM when tunneling.

   o  Rephrase Multi-hop GTSM section to mainly refer to the difficult-
      to-quantify security properties as a reason for exclusion at this

   o  Some editorial updates.

Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
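
The receive-side check that the quoted abstract describes, as an added example that is not part of the original message or of the draft. It assumes the GTSM convention from RFC 3682 that peers send with TTL/Hop Limit 255 and the receiver discards anything lower; the packet builders and documentation addresses are constructed for illustration.

```python
import struct

GTSM_TTL = 255  # maximum value; every forwarding router decrements it


def hop_field(packet: bytes) -> int:
    """Return the TTL (IPv4) or Hop Limit (IPv6) of a raw IP packet."""
    if not packet:
        raise ValueError("empty packet")
    version = packet[0] >> 4
    if version == 4:
        if len(packet) < 20:
            raise ValueError("truncated IPv4 header")
        return packet[8]          # TTL is the 9th byte of the IPv4 header
    if version == 6:
        if len(packet) < 40:
            raise ValueError("truncated IPv6 header")
        return packet[7]          # Hop Limit is the 8th byte of the IPv6 header
    raise ValueError(f"unknown IP version {version}")


def gtsm_accept(packet: bytes) -> bool:
    """Accept only packets that cannot have been forwarded by a router.

    A sender several hops away cannot make the field arrive as 255.
    An on-link sender can, which is why the changelog above lists
    ingress filtering as an assumption. Malformed packets are dropped.
    """
    try:
        return hop_field(packet) == GTSM_TTL
    except ValueError:
        return False


def build_ipv4(ttl: int, proto: int = 6) -> bytes:
    # Constructed 20-byte header, checksum left at zero, 192.0.2.0/24 addresses.
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, proto, 0,
                       bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))


def build_ipv6(hop_limit: int, next_header: int = 6) -> bytes:
    # Constructed 40-byte header using 2001:db8::/32 documentation addresses.
    src = bytes.fromhex("20010db8" + "00" * 11 + "01")
    dst = bytes.fromhex("20010db8" + "00" * 11 + "02")
    return struct.pack("!IHBB16s16s", 6 << 28, 0, next_header, hop_limit, src, dst)


if __name__ == "__main__":
    for name, pkt in [("adjacent v4", build_ipv4(255)), ("one hop away v4", build_ipv4(254)),
                      ("adjacent v6", build_ipv6(255)), ("remote v6", build_ipv6(64))]:
        print(f"{name:16} field={hop_field(pkt):3} accept={gtsm_accept(pkt)}")
```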