Reply to your request dated 24/05/2013
I-D: draft-ietf-manet-nhdp-sec-threats-03
Draft Reviewed By: Abdussalam Baryun (AB) Dated:06/06/2013
Reviewer Comment A3: Use Cases not considered and the Information Bases Threats.
+++++++++++++++++++++++++++++++++++++++
*Use-cases threats*
Reading the RFC6130 applicability section 3, the I-D does not consider
all the use-cases included in the that section 3.
AB> Does the use-case of NHDP [RFC6130] add any value to the threats,
or the I-D assumes only one use case which is OLSRv2 network.
The NHDP uses RFC5444 packets and RFC5444 messages, so what are the
threats to NHDP use for each? not mentioned in I-D.
RFC6130> NHDP Can use relevant link-layer information if it is available.
AB> is there any threat from that use-case? not mentioned in the I-D.
*Information bases threats*
RFC6130> Appendix F> This appendix illustrates various examples of
physical topologies, as well as how these are logically recorded by
NHDP from the point of
view of the router A. This representation is a composite of
information that would be contained within A’s various Information
Bases after NHDP has been running for sufficiently long time for the
state to converge.
AB> Why the logically recording of the NHDP for all the examples not
mentioned in the I-D and were not threat analysed? If there is similar
level of threats related to all exampels in RFC6130, then please
mention that.
This is my last message, thanks.
Regards
AB