Lin, I did a quick read of this draft. It doesn’t appear to discuss several important issues related to MAC address and IP address binding. These includes:
Random Mac address assignments (there is an IETF w.g. MADINAS working in this area) IPv6 Interface ID assignments (see RFC7217 , RFC 8064, etc.) IPv6 interfaces may have many IPv6 addresses Section 5.1.1.4 has no mention of SLACC IPv6 addresses Bob > On Jun 1, 2023, at 1:21 AM, Lin He <he-...@tsinghua.edu.cn> wrote: > > Hi, all. > > We submitted an individual draft to the intarea working group a few days ago. > This draft mainly describes a source address validation solution for wireless > LANs. > > We warmly welcome your valuable feedback and comments. > > Thanks in advance. > > -- > Lin He > > -----Original Messages----- > From: internet-dra...@ietf.org > Sent Time: 2023-05-27 20:03:34 (Saturday) > To: "Jianping Wu" <jianp...@cernet.edu.cn>, "Jun Bi" <ju...@cernet.edu.cn>, > "Lin He" <he-...@tsinghua.edu.cn>, "Tao Lin" <lin...@h3c.com>, "You Wang" > <y...@opennetworking.org> > Cc: > Subject: New Version Notification for draft-bi-intarea-savi-wlan-00.txt > > > A new version of I-D, draft-bi-intarea-savi-wlan-00.txt > has been successfully submitted by Lin He and posted to the > IETF repository. > > Name: draft-bi-intarea-savi-wlan > Revision: 00 > Title: A SAVI Solution for WLAN > Document date: 2023-05-27 > Group: Individual Submission > Pages: 16 > URL: > https://www.ietf.org/archive/id/draft-bi-intarea-savi-wlan-00.txt > Status: https://datatracker.ietf.org/doc/draft-bi-intarea-savi-wlan/ > Htmlized: > https://datatracker.ietf.org/doc/html/draft-bi-intarea-savi-wlan > > > Abstract: > This document describes a source address validation solution for > WLANs where 802.11i or other security mechanisms are enabled to > secure MAC addresses. This mechanism snoops NDP and DHCP packets to > bind IP addresses to MAC addresses, and relies on the security of MAC > addresses guaranteed by 802.11i or other mechanisms to filter IP > spoofing packets. It can work in the special situations described in > the charter of SAVI (Source Address Validation Improvements) > workgroup, such as multiple MAC addresses on one interface. This > document describes three different deployment scenarios, with > solutions for migration of binding entries when hosts move from one > access point to another. > > > > > The IETF Secretariat > > </y...@opennetworking.org></lin...@h3c.com></he-...@tsinghua.edu.cn></ju...@cernet.edu.cn></jianp...@cernet.edu.cn> > > _______________________________________________ > Int-area mailing list > Int-area@ietf.org > https://www.ietf.org/mailman/listinfo/int-area
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ Int-area mailing list Int-area@ietf.org https://www.ietf.org/mailman/listinfo/int-area
