[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPv6 Neighbour Solicitation messages and IPsec


> Has not securing ICMP messages caused any interoperability problems that
> you've heard of?
Well, being honestly - I haven't gotten so far yet :-) I ran into
"intra-operability" problems (i.e. communication with a non-IPsec Linux
box), so I decided to allow ICMP messages to pass unprocessed.
I _think_ there should be no interoperability problems if these messages
are not secured.
As I already stated, it is not necessary to secure several kind of ICMPs
(e.g. ping). Regarding some other types (e.g. Neighborhood discovery,
PMTU detection), authentication might be useful; but:
- as long as you accept both authenticated and unauthenticated messages,
  the whole system is vulnerable to faked messages
- there is no method known to me to handle IPsec broadcasts (which would
  be necessary for securing neighborhood messages, correct?)
- If some kind of key exchange is necessary, and the messages exceed the
  minimum PMTU of IPv6, it is quite possible that you run into trouble
  when trying to secure PMTU messages.
Looking at that list, I doubt it is possible to use IPsec on ICMP in
a useful way...


*--- please cut here... -------------------------------------- thanks! ---*
|-> E-Mail: stefan.schlott@informatik.uni-ulm.de    PGP-Key: 0x2F36F4FE <-|
| Heh, heh, I have an "NSA Hitachi" monitor on my desk... Must have a     |
| hidden camera in it?                                                    |
|   -- Seen in the thread "NSA and MS windows" on sci.crypt (06.09.1999)  |