Article 386 at 07/10/10 17:26:36 From: akisada@tahi.org Subject: [users:00386] Re: About IPv6 type 0 routing headers issue

Index: [Article Count Order] [Thread]
Date: Wed, 10 Oct 2007 17:24:39 +0900
From: Yukiyo Akisada <akisada@tahi.org>
Subject: [users:00386] Re: About IPv6 type 0 routing headers issue
To: Zhiyong Wu <zwu@redhat.com>
Cc: users@tahi.org
Message-Id: <20071010172439.32bc468e.akisada@tahi.org>
In-Reply-To: <470D2141.4080801@redhat.com>
References: <46FEB2D7.6040407@redhat.com>	<20071001163948.2a5d788a.akisada@tahi.org>	<470D2141.4080801@redhat.com>
X-Mail-Count: 00386

Hi, Zhiyong.

In this moment, we will support RH0 as selectable function.
But it may be changed to be mandatory
because RH0 ID was already entered in RFC Editor Queue few days ago.

Now, situation around RH0 is changed day by day.
We need still more discussion.

But, personally,
I feel that it is realistic to release at November.
And it will be the End of November.

Regards,


On Wed, 10 Oct 2007 15:00:17 -0400
Zhiyong Wu <zwu@redhat.com> wrote:

> Hi, akisada.
> 
> At first, thank you very much for your reply last time.
> 
> As discribed in your last reply, major revision up will be done at 
> November or May.
> 
> If your major revision would be released at May, how should we process 
> this case when we are eager to have an IPv6ready Certification before it?
> 
> How is the possibility that you will release the major revision at November?
> 
> Need you any necessary help from us in order to promote that the major 
> revision will be earlier released?
> 
> 
> Regards,
> 
> Zhiyong Wu.
> 
> 
> Yukiyo Akisada wrote:
> > Hi, Zhiyong.
> >
> > IPv6 Ready Logo Program has already started preparation to support RH0 issue.
> > Please wait the next major revision up of Program itself.
> >
> > By the definition of IPv6 Ready Logo Program,
> > major revision up is done at November or May.
> >
> > Regards,
> >
> >
> > On Sat, 29 Sep 2007 16:17:27 -0400
> > Zhiyong Wu <zwu@redhat.com> wrote:
> >
> >   
> >> Tahi users and developers,
> >>
> >>    As well-known,when the type of IPv6 routing header is set to IPV6_RTHDR_YPE_0, 
> >>
> >> it would allow remote attackers to cause a denial of service via
> >>
> >> crafted IPv6 type 0 route headers that create network
> >>
> >> amplification between two routers.
> >>
> >>    In the current time,the solution which is adopted by many products 
> >>
> >> wil cause IPv6 type 0 routing headers to be ignored. But the test scripts
> >>
> >> from www.tahi.org dont ignored IPv6 type 0 headers. 
> >>
> >>    So when we are having a IPv6ready Certification,some tests about 
> >>
> >> IPv6 type 0 routing header will fail if Self_Test from www.tahi.org 
> >>
> >> isn't modified.
> >>
> >>
> >>    how should we process this case when we are ready to have a IPv6ready 
> >>
> >> Certification?
> >>
> >>    please refer to 
> >>
> >>    (1) http://security.freebsd.org/advisories/FreeBSD-SA-07:03.ipv6.asc
> >>
> >>    (2) http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2242
> >>
> >>    (3) http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf
> >>    
> >>
> >>    Regards,
> >>
> >>    Zhiyong Wu
> >>    
> >>
> >>
> >>
> >>     
> >
> >
> > ------------------------------------------------------------------------
> > Yukiyo Akisada <akisada@tahi.org>
> >   
> 
> 


------------------------------------------------------------------------
Yukiyo Akisada <akisada@tahi.org>