
Re: Re: [ssm] what to say about scoping for v6 [was ...last call...]



On Wed, 12 Mar 2003, Hugh Holbrook wrote:
> > One should note that the use of IPv6 scoped addresses either in S or G may
> > cause significant complexities, for example regarding mismatching scopes
> > between S and G or regarding forwarding decisions for a scoped (S,G).  
> > The implications of scoped addresses are described in other documents
> > [REF:SCOPED-ARCH]
> 
> Isn't the scoping behavior simply that the most restrictive (smallest)
> scope applies?  A packet is forwarded neither across a source-scope
> boundary nor across a destination-scope boundary.  Unless I'm missing
> something, this actually sounds rather uncomplicated to me.  Is there
> something that makes this tricky?

At the moment, in practice (=implementation), everything related to
scoping is *undefined*, it seems to me.

How your SSM-enabled router will/would react now, or in 1-2 years is a 
complete question mark.
 
> Is there something about this that makes it a Security Considerations
> issue?

Yes, but only slightly: if people use e.g. site-local addresses as a
security measure, and use SSM with like (<site-local>, global-scope-SSM)  
-- for whatever reason, e.g. the use of the same application (and
subsequent G) both site-locally and globally, the forwarding of such
multicasts might *NOT* be limited to your site-local S scope.  This is an
uncertainty as the implementation is unclear.

In hindsight, the text I proposed above seems a better fit for some other 
section, and something different might be more applicable to security 
considerations, like:

  Note that when forwarding or processing SSM, the scope of both S and G 
  may have to be considered [SCOPED-ARCH]; in particular, if the unicast 
  scope of S is smaller than the respective multicast scope of G, the packets 
  might end up forwarded outside of the scope of S.  Therefore, limited 
  scopes should be avoided and must not be used as a security mechanism.

.. I wonder if that's any better ..

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
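The proposed security-considerations text above describes a concrete condition: an SSM channel (S,G) whose unicast scope of S is smaller than the multicast scope of G may be forwarded beyond the scope S was meant to be confined to. The following script is an added illustration of how an operator could audit a list of (S,G) channels for that condition; it is not code from this thread or from any SSM implementation. It assumes the scope ordering of the IPv6 scoped address architecture (interface-local 1 < link-local 2 < admin-local 4 < site-local 5 < organization-local 8 < global 14, later published as RFC 4007), maps unicast addresses to scopes by prefix (fe80::/10 link-local, fec0::/10 site-local, everything else treated as global), reads the multicast scope from the low nibble of the second byte of G, and uses constructed sample channels.

```python
import ipaddress

# Scope values from the IPv6 scoped address architecture; the numeric order
# reflects nesting, so a smaller value means a more limited scope.
SCOPE_NAMES = {
    1: "interface-local",
    2: "link-local",
    4: "admin-local",
    5: "site-local",
    8: "organization-local",
    14: "global",
}

LINK_LOCAL = ipaddress.IPv6Network("fe80::/10")
SITE_LOCAL = ipaddress.IPv6Network("fec0::/10")  # the site-local scope discussed in the thread


def unicast_scope(s):
    """Scope value of a unicast source address S.

    Assumption: addresses outside fe80::/10 and fec0::/10 are treated as
    global scope (this includes unique-local fc00::/7 addresses).
    """
    addr = ipaddress.IPv6Address(s)
    if addr.is_multicast:
        raise ValueError("S must be a unicast address: %s" % s)
    if addr in LINK_LOCAL:
        return 2
    if addr in SITE_LOCAL:
        return 5
    return 14


def multicast_scope(g):
    """Scope value of a multicast group address G (the 'scop' nibble of ff0X::)."""
    addr = ipaddress.IPv6Address(g)
    if not addr.is_multicast:
        raise ValueError("G must be a multicast address: %s" % g)
    return addr.packed[1] & 0x0F


def check_ssm_channel(s, g):
    """Flag an (S,G) channel whose S scope is smaller than its G scope.

    Such a channel may be forwarded outside the scope of S, so limited
    scope on S must not be relied upon as a security mechanism.
    """
    s_scope = unicast_scope(s)
    g_scope = multicast_scope(g)
    return {
        "S": s,
        "G": g,
        "s_scope": SCOPE_NAMES.get(s_scope, str(s_scope)),
        "g_scope": SCOPE_NAMES.get(g_scope, str(g_scope)),
        "mismatch": s_scope < g_scope,
    }


def audit_channels(channels):
    """Return only the channels that exhibit the scope mismatch."""
    return [r for r in (check_ssm_channel(s, g) for s, g in channels) if r["mismatch"]]


# Constructed sample channels (not from the thread): the same application
# group used with a site-local source and with a global source.
SAMPLE_CHANNELS = [
    ("fec0::1", "ff3e::8000:1"),        # site-local S, global-scope SSM G  -> mismatch
    ("2001:db8::1", "ff3e::8000:1"),    # global S, global G                 -> fine
    ("fec0::1", "ff35::8000:1"),        # site-local S, site-local G         -> fine
    ("fe80::1", "ff35::8000:1"),        # link-local S, site-local G         -> mismatch
]

if __name__ == "__main__":
    for finding in audit_channels(SAMPLE_CHANNELS):
        print("scope mismatch: S=%(S)s (%(s_scope)s) G=%(G)s (%(g_scope)s)" % finding)
```

The check only identifies channels that depend on forwarding behaviour the thread calls undefined; whether a given router actually confines such a channel is exactly the uncertainty being discussed, which is why the proposed text says limited scopes must not be used as a security mechanism.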



_______________________________________________
ssm mailing list
ssm@ietf.org
https://www1.ietf.org/mailman/listinfo/ssm