Works for me!
Thanks!
Alvaro.
On 4/10/17, 10:34 AM, "Les Ginsberg (ginsberg)" <ginsberg(_at_)cisco(_dot_)com>
wrote:
Bing/Robert/Alvaro -
Here is the existing text of the Security Section:
"In general, the use of authentication is incompatible with auto-
configuration as it requires some manual configuration.
For wired deployment, the wired connection itself could be considered
as an implicit authentication in that unwanted routers are usually
not able to connect (i.e. there is some kind of physical security in
place preventing the connection of rogue devices); for wireless
deployment, the authentication could be achieved at the lower
wireless link layer."
Proposed revision:
"In the absence of cryptographic authentication it is possible for an attacker
to inject a PDU falsely indicating
there is a duplicate system-id. This may trigger automatic restart of the
protocol using the duplicate-id
resolution procedures defined in this document.
Note that the use of authentication is incompatible with auto-
configuration as it requires some manual configuration.
For wired deployment, the wired connection itself could be considered
as an implicit authentication in that unwanted routers are usually
not able to connect (i.e. there is some kind of physical security in
place preventing the connection of rogue devices); for wireless
deployment, the authentication could be achieved at the lower
wireless link layer."
???