SEND WG Afternoon Session III
Chairs: James Kempf, Pekka Nikander

Agenda and draft status (James)

  WG draft merges the trust model and threats drafts: 3 trust models,
  3 threat classifications.

  Open trust/threat issues in the drafts:
    Router spoofing attack signaling is not entirely clear. RFC 2462 says
    2 hr minimum RA lifetime; reducing it takes more than one spoofed RA
    with zero lifetime.
    Additional trust model: semi-trust.
    Bogus address configured, if a DDNS update is done ...

  Finishing the trust/threats drafts needs discussion on the list and
  elsewhere. WG Last Call end of January at the latest. Please contribute.

IPsec for Secure ND (Jari Arkko, Vesa-Matti Mantyla, Ericsson)

  Starting point: Secure ND is possible either at the IP layer or the ND
  layer.

  Technical issues: can't run IKE; needs to deal with multicast messages.

  AH for SEND authentication algorithm: verify the timestamp is recent
  enough ... sender's IID = hash .... ..... signature against public key;
  optionally verify the certificate chain to own trusted root.

  Policy setup: outbound, inbound, SAD setup.

  Summary of IPsec modifications:
    new algorithm; timestamp instead of sequence numbers
      itojun: how much time sync do you require?
      Jari: not sure.
    new format for MAC field
    no key in SA for ND
    SPD entries: ICMPv6-type specification
    SA destination made irrelevant in SA and SPD

  Transition issues: before SEND is deployed, need to support both.
  Possible solution: different prefixes for secure and insecure.
    Greg Daly: can't see how you can do this securely and insecurely,
    because of link-local resolution?
    Erik: if there is an issue based on sec/insec, you want sec to only
    speak with sec. Only securing ND, or only securing communication
    between nodes? Are the two related?

  Further questions? No further questions.

SEND design team status (Bill Sommerfeld)

  No draft yet.

  Sub-problems: is this a legitimate router? Initial configuration?
  Using CGA for ND.

  Is this a legitimate router: add trust anchor to RS.

  CGA precomputation: running out of bits for CGA; CGA precomputation
  attacks on high-value prefixes.
    Erik: do we know what the issues are? Link-local vs. global?
    Bill: high-value prefix to attack. Depends on usage; recommend CGA
    for only threats draft.
    Tech reason why higher bits in link-local won't be used? 62-bit vs.
    64-bit: no, sounds like a political reason. How tied are link-locals
    to /64 in the v6 community? Link-local from /64 to /10? Will need to
    treat globals special. Type identification for site-local is a /10.
    Bob Hinden: latest draft in addr arch does not state that additional
    bits cannot be used.
    Jari: DHCP-like scheme?
    Bill: this is not fully fleshed out.
    Hesham: same chicken-and-egg to set up an SA with the DHCP server.
    Bill: don't use DHCP per se, just something registration based.

  Initial configuration: minimize size of preconfiguration.
    Jari: leap of faith for initial trust rule? Or at new network?
    Bill: I don't want it as a possibility; we are just talking design.

  Jim: wants to get the draft out by Feb. Might find a redesign is
  needed. Design team is working on investigation.

  Discussion: none. People should subscribe to the list and contribute.
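Added illustration (not from either presentation, nor from any SEND draft) of the two mechanisms the minutes record: an interface identifier derived from the sender's public key and the prefix, so that the address commits to the key (the "sender's IID = hash" step, and the 62-vs-64-bit and high-value-prefix remarks), and a timestamp freshness window standing in for AH sequence numbers (itojun's time-sync question). The hash function (SHA-256), the 300 s window, the prefix binding and the sample keys are all assumptions made for this example.

```python
"""Constructed illustration of CGA-style IIDs and timestamp replay checks
for Secure ND. Hash choice, IID layout and window are assumptions."""
import hashlib
import hmac
import ipaddress

LINK_LOCAL_PREFIX = ipaddress.IPv6Address("fe80::").packed[:8]  # fe80::/64


def hash_iid(prefix: bytes, pubkey: bytes, hash_name: str = "sha256") -> bytes:
    """Return a 64-bit interface identifier bound to (prefix, pubkey).

    Including the prefix in the hash means a table precomputed for one
    prefix is useless against another, which is why precomputation against
    a high-value prefix was raised as the interesting case. The u and g bits
    of the IID are cleared, so only 62 of the 64 bits carry hash output (the
    62-bit vs 64-bit point in the discussion).
    """
    if len(prefix) != 8:
        raise ValueError("prefix must be the top 64 bits of the address")
    digest = hashlib.new(hash_name, prefix + pubkey).digest()
    iid = bytearray(digest[:8])
    iid[0] &= 0xFC  # clear u (0x02) and g (0x01) bits in the first octet
    return bytes(iid)


def form_address(prefix: bytes, pubkey: bytes) -> str:
    """Sender side: configure an address whose IID commits to the key."""
    return str(ipaddress.IPv6Address(prefix + hash_iid(prefix, pubkey)))


def address_matches_key(addr: str, pubkey: bytes) -> bool:
    """Receiver side: recompute the IID from the key carried in the ND
    message and compare in constant time. A signature check against the
    same key follows in the real protocol; a substituted key already fails
    here because the IID no longer matches."""
    packed = ipaddress.IPv6Address(addr).packed
    prefix, iid = packed[:8], packed[8:]
    return hmac.compare_digest(iid, hash_iid(prefix, pubkey))


def timestamp_is_fresh(msg_ts: float, now: float, window_s: float = 300.0) -> bool:
    """Replay check without per-SA sequence numbers: with no IKE and with
    multicast receivers there is no shared counter, so the message carries
    a timestamp and is accepted only within +/- window_s of local time.
    The window is the clock-sync requirement asked about in the session."""
    return abs(now - msg_ts) <= window_s


if __name__ == "__main__":
    # Constructed sample keys standing in for encoded public keys.
    alice_pub = b"constructed-public-key-of-alice"
    mallory_pub = b"constructed-public-key-of-mallory"
    addr = form_address(LINK_LOCAL_PREFIX, alice_pub)
    print("address:", addr)
    print("matches alice's key:", address_matches_key(addr, alice_pub))
    print("matches mallory's key:", address_matches_key(addr, mallory_pub))
    print("10-minute-old timestamp accepted:", timestamp_is_fresh(1000.0, 1600.0))
```

Running the module shows the address verifying against the key it was formed from and failing against a different key, and a timestamp outside the window being rejected; the window size is a policy choice that trades clock-sync requirements against the replay exposure the session left open.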