Hi, Zhiyong.
IPv6 Ready Logo Program has already started preparation to support RH0 issue.
Please wait the next major revision up of Program itself.
By the definition of IPv6 Ready Logo Program,
major revision up is done at November or May.
Regards,
On Sat, 29 Sep 2007 16:17:27 -0400
Zhiyong Wu <zwu@redhat.com> wrote:
> Tahi users and developers,
>
> As well-known,when the type of IPv6 routing header is set to IPV6_RTHDR_YPE_0,
>
> it would allow remote attackers to cause a denial of service via
>
> crafted IPv6 type 0 route headers that create network
>
> amplification between two routers.
>
> In the current time,the solution which is adopted by many products
>
> wil cause IPv6 type 0 routing headers to be ignored. But the test scripts
>
> from www.tahi.org dont ignored IPv6 type 0 headers.
>
> So when we are having a IPv6ready Certification,some tests about
>
> IPv6 type 0 routing header will fail if Self_Test from www.tahi.org
>
> isn't modified.
>
>
> how should we process this case when we are ready to have a IPv6ready
>
> Certification?
>
> please refer to
>
> (1) http://security.freebsd.org/advisories/FreeBSD-SA-07:03.ipv6.asc
>
> (2) http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2242
>
> (3) http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf
>
>
> Regards,
>
> Zhiyong Wu
>
>
>
>
------------------------------------------------------------------------
Yukiyo Akisada <akisada@tahi.org>