> All solicited advertisements MUST include a Nonce, copied from the
> received solicitation. Note that routers may decide to send a
> multicast advertisement to all nodes instead of a response to a
> specific host. In such case the router MAY still include the nonce
> value for the host that triggered the multicast advertisement.
> Omitting the nonce value may, however, cause the host to ignore the
> router's advertisement, unless the clocks in these nodes are
> sufficiently synchronized so that timestamps can be relied on.

But if a multicast RA includes the nonce, won't the other nodes ignore it, defeating the purpose of having a multicast RA?

> o Advertisements sent to a unicast destination address with the
> Signature option but without a Nonce option MUST be silently
> discarded.

This may break an assumption in ND. Namely, that one can send unsolicited unicast RAs or NAs. This is currently legal in ND, but would no longer be above. Is this restriction necessary?

----------

James Kempf: Other nodes might use the RA as unsecured. But, in principle, yes. We'll drop the MAY.

From a security standpoint, accepting unsolicited RA or NA without a nonce risks a DoS attack. An attacker could bombard the victim with signed RAs or NAs, causing the victim to consume processing in verifying the digital signature. The nonce provides a quick way to reject possible attack packets. Therefore, we would like to keep this restriction. We should note in the text that this is a change from the standard RFC 2641 model.

----------

Thomas Narten: Actually, what if the packet is sent to unicast LL, but IPv6 all-nodes? The above text doesn't protect against this attack... So closing the above may not actually buy much in practice. Or is the latter dealt with some other way?

----------

Arkko: Nonces and multicast RA.
Kempf: Thomas wants to know about multicast to all-nodes.
Arkko: Rate limiting.

Action Item: Reply to Thomas' email with how the spec deals with DoS on all-nodes.

----------

Jari Arkko: My suggestion is twofold:

1) Keep the MAY that allowed nonces to be included in multicast RAs. Having the nonce does not make the message invalid for other receivers; receivers look at the timestamp only in an unsolicited RA. See first paragraph of Section 5.3.4 and then Section 5.3.4.2.

2) Allow unsolicited unicast messages as in plain ND, treating them as unsolicited messages. Note that the DoS issues in such unicast messages are similar to those in the multicast messages; the mechanisms hinted in Section 9.3 should be sufficient for them as well. I have added some new text to 5.3.4.2 about this as well.

----------
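The receive-side logic the thread converges on, written out as an added example (this is not text or code from the SEND draft, nor from any SEND implementation): a nonce that matches one of our own outstanding solicitations marks a message as solicited; anything else, including a multicast RA carrying another host's nonce and a plain-ND-style unsolicited unicast, is treated as unsolicited and filtered on its timestamp. Both cheap checks run before the expensive signature verification, and a per-source rate limit bounds how many verifications a flood of fresh-looking unsolicited messages can force, which is the answer to the all-nodes case. The `strict_unicast` switch reproduces the original draft rule (unicast with Signature but without Nonce is discarded) so the two positions can be compared. Everything else is an assumption: the 300-second clock tolerance, the 5-per-second verification budget, the `Advertisement` field names, and an HMAC with a demo key standing in for the real public-key signature.

```python
import hmac
import hashlib
from collections import deque
from dataclasses import dataclass, field
from typing import Callable, Deque, Dict, Optional, Set


@dataclass
class Advertisement:
    """Only the fields of a received RA/NA that the thread's checks consult (constructed model)."""
    src: str                  # link-local source address, used as the rate-limit key
    to_all_nodes: bool        # True when the IPv6 destination is the all-nodes multicast group
    nonce: Optional[bytes]    # Nonce option payload, or None when the option is absent
    timestamp: float          # Timestamp option, seconds since the epoch
    signature: bytes = b""    # Signature option; filled in by make_signed()


# Stand-in for the router's signature: an HMAC under a shared demo key (assumption). Real SEND
# signatures are public-key operations, which is exactly why the cheap checks below run first.
DEMO_KEY = b"constructed-demo-key"


def serialize(adv: Advertisement) -> bytes:
    """Bytes covered by the demo signature (everything except the signature itself)."""
    return f"{adv.src}|{adv.to_all_nodes}|{adv.nonce!r}|{adv.timestamp}".encode()


def make_signed(src: str, to_all_nodes: bool, nonce: Optional[bytes], timestamp: float) -> Advertisement:
    """Build a constructed advertisement carrying a valid demo signature."""
    adv = Advertisement(src, to_all_nodes, nonce, timestamp)
    adv.signature = hmac.new(DEMO_KEY, serialize(adv), hashlib.sha256).digest()
    return adv


def demo_verify(adv: Advertisement) -> bool:
    """The 'expensive' step: recompute and compare the demo signature in constant time."""
    expected = hmac.new(DEMO_KEY, serialize(adv), hashlib.sha256).digest()
    return hmac.compare_digest(expected, adv.signature)


@dataclass
class Receiver:
    pending_nonces: Set[bytes] = field(default_factory=set)  # nonces of our outstanding solicitations
    strict_unicast: bool = False    # True: original draft rule (unicast without Nonce is discarded)
    clock_tolerance: float = 300.0  # assumed: max |now - timestamp| accepted for unsolicited messages
    max_verifications: int = 5      # assumed: signature verifications allowed per source per window
    window: float = 1.0             # assumed: rate-limit window in seconds
    verifications: int = 0          # count of signature checks actually performed (the DoS cost)
    _recent: Dict[str, Deque[float]] = field(default_factory=dict)

    def _rate_limited(self, src: str, now: float) -> bool:
        """Sliding-window limit on signature verifications per source address."""
        q = self._recent.setdefault(src, deque())
        while q and now - q[0] > self.window:
            q.popleft()
        if len(q) >= self.max_verifications:
            return True
        q.append(now)
        return False

    def _verify(self, adv: Advertisement, verify: Callable[[Advertisement], bool]) -> bool:
        self.verifications += 1
        return verify(adv)

    def check(self, adv: Advertisement, now: float, verify: Callable[[Advertisement], bool]) -> str:
        # Solicited path: a nonce we issued is cheap proof that this answers our own solicitation,
        # so only then do we pay for the signature check.
        if adv.nonce is not None and adv.nonce in self.pending_nonces:
            if not self._verify(adv, verify):
                return "discard: bad signature"
            self.pending_nonces.discard(adv.nonce)
            return "accept: solicited"
        # Original draft rule, kept switchable: unicast with Signature but no Nonce is dropped.
        if self.strict_unicast and not adv.to_all_nodes and adv.nonce is None:
            return "discard: unicast without nonce"
        # Everything else is unsolicited (a multicast RA carrying another host's nonce, or an
        # unsolicited unicast as in plain ND): only the timestamp is consulted, and it is checked
        # before any signature work.
        if abs(now - adv.timestamp) > self.clock_tolerance:
            return "discard: timestamp"
        # Fresh-looking unsolicited floods (the all-nodes case) are bounded by rate limiting.
        if self._rate_limited(adv.src, now):
            return "discard: rate limit"
        if not self._verify(adv, verify):
            return "discard: bad signature"
        return "accept: unsolicited"


if __name__ == "__main__":
    now = 1_000_000.0
    rx = Receiver(pending_nonces={b"nonce-1"})
    print(rx.check(make_signed("fe80::1", False, b"nonce-1", now), now, demo_verify))
    print(rx.check(make_signed("fe80::1", True, b"someone-else", now), now, demo_verify))
    print(rx.check(make_signed("fe80::1", True, None, now - 3600), now, demo_verify))
    print("signature checks performed:", rx.verifications)
```

The `verifications` counter is the quantity the thread is really arguing about: every discard returned before `_verify` is a message an attacker paid to sign but the receiver did not pay to check, and the rate limit caps the remainder per source.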