Hi,
I have a comment for the monami6-mipv6 analysis draft.
RFC 3775 permits MN to have only a single CoA binding at HA
at any given
time. So this means if MN (attacker) set ups a DoS on a
victim (using
victim's address as CoA), MN can no longer communicate with
other nodes
using his HoA. However, in simultaneous bindings, MN can set
up DoS attack
on multiple victims, and yet retain one real CoA for
communication with
other nodes (possibly HA, to alter filter settings to change
victim's
address).
Do we need to consider some form of CoA verification being
performed by HA?
Regards,
Benjamin Lim
_______________________________________________
Monami6 mailing list
Monami6 ietf.org
https:
//www1.ietf.org/mailman/listinfo/monami6
|