base.txt | issue96.txt | |||
---|---|---|---|---|
skipping to change at page 47, line 33 | skipping to change at page 47, line 33 | |||
o The Neighbor Cache, Prefix List and Default Router list entries | o The Neighbor Cache, Prefix List and Default Router list entries | |||
MUST have a secured/unsecured flag that indicates whether the | MUST have a secured/unsecured flag that indicates whether the | |||
message that caused the creation or last update of the entry was | message that caused the creation or last update of the entry was | |||
secured or unsecured. Received unsecured messages MUST NOT cause | secured or unsecured. Received unsecured messages MUST NOT cause | |||
changes to existing secured entries in the Neighbor Cache, Prefix | changes to existing secured entries in the Neighbor Cache, Prefix | |||
List or Default Router List. The Neighbor Cache SHOULD implement a | List or Default Router List. The Neighbor Cache SHOULD implement a | |||
flag on entries indicating whether the entry is secured. Received | flag on entries indicating whether the entry is secured. Received | |||
secured messages MUST cause an update of the matching entries and | secured messages MUST cause an update of the matching entries and | |||
flagging of them as secured. | flagging of them as secured. | |||
o Neighbor Solicitations for the purpose of Neighbor Unreachabilty | ||||
Detection (NUD) MUST be sent to that neighbor's solicited-nodes | ||||
multicast address, if the entry is not secured with SEND. | ||||
Upper layer confirmations on unsecured neighbor cache entries | ||||
SHOULD NOT update neighbor cache state from STALE to REACHABLE on | ||||
a SEND node, if the neighbour cache entry has never previously | ||||
been REACHABLE. This ensures that if an entry spoofing a valid | ||||
SEND host is created by a non-SEND attacker without being | ||||
solicited, NUD will be done within 5 seconds of use of the entry | ||||
for data transmission. | ||||
As a result, in mixed mode attackers can take over a Neighbor | ||||
Cache entry of a SEND node for a longer time only if (a) the SEND | ||||
node was not communicating with the victim node so that there is | ||||
no secure entry for it and (b) the SEND node is not currently on | ||||
the link (or is unable to respond). | ||||
o The conceptual sending algorithm is modified so that an unsecured | o The conceptual sending algorithm is modified so that an unsecured | |||
router is selected only if there is no reachable SEND router for | router is selected only if there is no reachable SEND router for | |||
the prefix. That is, the algorithm for selecting a default router | the prefix. That is, the algorithm for selecting a default router | |||
favors reachable SEND routers over reachable non-SEND ones. | favors reachable SEND routers over reachable non-SEND ones. | |||
o A node MAY adopt a router sending unsecured messages, or a router | o A node MAY adopt a router sending unsecured messages, or a router | |||
for which secured messages have been received, but for which full | for which secured messages have been received, but for which full | |||
security checks have not yet been completed, while security | security checks have not yet been completed, while security | |||
checking is underway. Security checks in this case include | checking is underway. Security checks in this case include | |||
certification path solicitation, certificate verification, CRL | certification path solicitation, certificate verification, CRL | |||
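Review bot: in the newly added NUD bullet (the text that follows the secured/unsecured flag bullet), "Unreachabilty" should read "Unreachability", "neighbour cache entry" should use the "neighbor" spelling used everywhere else in the section, and "solicited-nodes multicast address" should be "solicited-node multicast address" to match the Neighbor Discovery term. The "within 5 seconds" figure should name the Neighbor Discovery timer it derives from rather than stand as a bare number, so an implementer can tell which protocol constant bounds the window during which a spoofed unsecured entry can be used. The closing "As a result" paragraph also relies on the multicast requirement in the first sentence (it is what lets a SEND node that is actually on the link see the probe and answer it) without saying so; one clause making that link explicit would make the two conditions (a) and (b) easier to verify against the rule.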
End of changes. | ||||
This html diff was produced by rfcdiff v1.06, available from http://www.levkowetz.com/ietf/tools/rfcdiff/