Michael, Please note the following sentence in the security considerations section: "the amplification effect in this case is similar to ICMPv6 error message, and specifically similar to Traceroute."
Sending a Loopback causes the exact same amplification as invoking the last packet of Traceroute, i.e., sending a packet with Hop Limit=number of hops to destination. Any amplification attack that can be invoked with Loopback could alternatively be invoked with any packet that has Hop Limit=number of hops to destination. Therefore, Loopback does not introduce a new attack vector. Cheers, Tal. On Wed, Jun 7, 2023 at 7:59 PM Michael Richardson <mcr+i...@sandelman.ca> wrote: > > > Despite what the Security Considerations suggests, this still looks ripe for > use as an amplication attack to me. > > -- > Michael Richardson <mcr+i...@sandelman.ca> . o O ( IPv6 IøT consulting ) > Sandelman Software Works Inc, Ottawa and Worldwide > > > > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > i...@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- _______________________________________________ Int-area mailing list Int-area@ietf.org https://www.ietf.org/mailman/listinfo/int-area
