Re: Regarding pre-round trip for stateless cookie (Jan's issue)
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Radia" == Radia Perlman <- Boston Center for Networking <Radia.Perlman@sun.com>> writes:
Radia> Just because I had to read the above a few times before I
Radia> understood what he was saying, I thought I'd restate it in my own words.
Radia> What he's saying is that with the "4/6" design, if it's hard for
Radia> Bob to make a decision about whether he thinks he's under attack,
Radia> then he can always assume he's under attack, and always do the
Radia> 6-message exchange.
I am of the opinion that for any system which has a non-trivial number
of defined connections, it is pretty much impossible for Bob to determine
that he isn't under attack.
The only deployments that I can see that could determine for certain
that they aren't under attack would be two or three node VPNs.
The moment you add even half a dozen road warriors, or in FreeSWAN's case,
2^32 potential OE connections, one might as well assume one is under attack.
As such, I question any design that introduces complexity to optimize the
unusual case. I would rather have shorter setup times, but I would rather
it were resistant to DDoS.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBPYi50oqHRg3pndX9AQEedAP+LeMDs4hz+j9xblXuBRC8D1hdJtKF2dEE
tzxk4Wx+SYfvVmqhlcyrYpNdffm/q+KcbVdGReJ8jUepsGU/tZ3g+iH6bee5db8G
LSVLawmzcX43Uyz6rv9hUUDX7dNXS31FQBXg/JLfJngGG5AdGr1/7BDDCNnxsmtR
mr+SVG6UuUQ=
=zn8f
-----END PGP SIGNATURE-----
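The design point argued above (Bob never tries to decide whether he is under attack; he always demands the cookie round trip before committing any state) can be shown concretely. The following is an added example, not code from FreeSWAN, from the draft under discussion, or from the author of the message. The message numbering (Msg1/Msg2/Msg3), the HMAC-based cookie format, the 60-second rotation window and all addresses are assumptions made for the illustration.

```python
import hashlib
import hmac
import os
import time

# Added illustration of a stateless responder cookie; message layout,
# cookie construction and the rotation window are assumed, not taken from
# any real implementation.

SLOT_SECONDS = 60  # cookie validity / secret rotation window (assumed)


def responder_cookie(secret, src_ip, src_port, initiator_cookie, slot):
    """Cookie Bob can recompute from the packet alone, so he stores nothing.
    Binding it to the source address and the initiator's cookie stops one
    peer's cookie from being replayed from another address."""
    msg = b"|".join([src_ip.encode(), str(src_port).encode(),
                     initiator_cookie, str(slot).encode()])
    return hmac.new(secret, msg, hashlib.sha256).digest()[:16]


class Responder:
    """Bob. He always runs the extra round trip, so there is no
    'am I under attack?' heuristic to get wrong."""

    def __init__(self, clock=time.time):
        self.secret = os.urandom(32)
        self.clock = clock
        self.sessions = {}  # state exists only after a verified round trip

    def slot(self):
        return int(self.clock() // SLOT_SECONDS)

    def handle_msg1(self, src, initiator_cookie):
        # Msg1 -> Msg2: reply with a cookie and allocate no state at all.
        ip, port = src
        return responder_cookie(self.secret, ip, port, initiator_cookie, self.slot())

    def handle_msg3(self, src, initiator_cookie, cookie):
        # Msg3: verify the echoed cookie statelessly. Accept the current or
        # the previous slot so a rotation mid-handshake does not break a
        # legitimate peer. Only a valid echo earns a session entry.
        ip, port = src
        for s in (self.slot(), self.slot() - 1):
            expected = responder_cookie(self.secret, ip, port, initiator_cookie, s)
            if hmac.compare_digest(expected, cookie):
                self.sessions[(src, initiator_cookie)] = "half-open"
                return True
        return False


def spoofed_flood(responder, n):
    """Attacker sends n Msg1s from forged sources (constructed addresses).
    Msg2 goes to the forged address, so the attacker never sees the cookie
    and can only guess Msg3. Returns how many sessions it managed to open."""
    for i in range(n):
        src = (f"203.0.113.{i % 254 + 1}", 500 + i)
        ic = os.urandom(8)
        responder.handle_msg1(src, ic)                  # costs Bob no memory
        responder.handle_msg3(src, ic, os.urandom(16))  # blind guess, rejected
    return len(responder.sessions)


def honest_handshake(responder, src=("192.0.2.7", 500)):
    """A real peer receives Msg2 and echoes the cookie in Msg3."""
    ic = os.urandom(8)
    rc = responder.handle_msg1(src, ic)
    return responder.handle_msg3(src, ic, rc)


if __name__ == "__main__":
    bob = Responder()
    print("sessions after spoofed flood:", spoofed_flood(bob, 2000))
    print("honest peer accepted:", honest_handshake(bob))
    print("sessions now:", len(bob.sessions))
```

The cost of this choice is exactly the one the message accepts: every legitimate peer pays one extra round trip. What it buys is that a flood of forged Msg1s, whether from half a dozen road warriors' worth of addresses or from the whole 2^32 space of an opportunistic-encryption deployment, never grows Bob's state table, and the question of whether he is "really" under attack never has to be answered.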