Benjamin Kaduk
2018-10-10 14:59:50 UTC
Benjamin Kaduk has entered the following ballot position for
draft-ietf-dhc-dhcp4o6-saddr-opt-06: No Objection
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.
The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-dhc-dhcp4o6-saddr-opt/
----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------
Section 7
It is also a prerequisite that the client has already learned a
suitable IPv6 prefix to use for its local softwire endpoint using
DHCPv6, RA/PIO or another mechanism.
I think I'm confused. Is the OPTION_S46_BIND_IPV6_PREFIX option a way to
obtain the "suitable IPv6 prefix" above? If so, then "prerequisite" may
not be the best word to use here.
Section 7.2.1
Across the lifetime of the leased IPv4 address, it is possible that
the client's IPv6 will change. E.g., if there is an IPv6 re-
numbering event.
nit: The last sentence is a sentence fragment.
Section 9
With address-binding mechanisms such as these we also try to consider the
possibility of binding an unexpected address to an unsuspecting recipient,
e.g., to direct a large flow of traffic to a victim unable to process it
all. I did not see an immediate way for an attacker to do this, since it
would seem like it would either require DHCPv4 to assign the same address
twice or allow a duplicate v6/v4 softwire binding, but I am not sure I have
the full picture in my head yet. It would be good to include some text on
this class of attacks, even if it is just "redirecting existing flows to an
unsuspecting victim is not possible because <reason>".
draft-ietf-dhc-dhcp4o6-saddr-opt-06: No Objection
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.
The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-dhc-dhcp4o6-saddr-opt/
----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------
Section 7
It is also a prerequisite that the client has already learned a
suitable IPv6 prefix to use for its local softwire endpoint using
DHCPv6, RA/PIO or another mechanism.
I think I'm confused. Is the OPTION_S46_BIND_IPV6_PREFIX option a way to
obtain the "suitable IPv6 prefix" above? If so, then "prerequisite" may
not be the best word to use here.
Section 7.2.1
Across the lifetime of the leased IPv4 address, it is possible that
the client's IPv6 will change. E.g., if there is an IPv6 re-
numbering event.
nit: The last sentence is a sentence fragment.
Section 9
With address-binding mechanisms such as these we also try to consider the
possibility of binding an unexpected address to an unsuspecting recipient,
e.g., to direct a large flow of traffic to a victim unable to process it
all. I did not see an immediate way for an attacker to do this, since it
would seem like it would either require DHCPv4 to assign the same address
twice or allow a duplicate v6/v4 softwire binding, but I am not sure I have
the full picture in my head yet. It would be good to include some text on
this class of attacks, even if it is just "redirecting existing flows to an
unsuspecting victim is not possible because <reason>".