v6 & DSL / Cable modems [was: Private use of non-RFC1918 IP space (IPv6-MW)]
matthew at eeph.com
Fri Feb 6 09:17:55 CST 2009
This is straying from operational to protocol design and implementation,
but as someone who has done a fair bit of both design and implementation...
Iljitsch van Beijnum wrote:
> The problem is that DHCP seemed like a good idea at the time but it
> doesn't make any sense today. We know that parsing complex binary data
> formats is asking for security problems...
Excuse me? This sounds like you've been hanging out with the SIP people
for too long. The complexity of having a computer parse something like
XML, or much worse, RFC822-style headers with complex rules about
optional and mandatory options, a la SIP is *far* beyond what is
required to parse things like DNS replies or even ASN.1. And *much*
harder to generate strong proofs of correctness for.
Just because it is easier to read without a decoder library installed in
your sniffer doesn't mean it is "more secure" to parse and process.
(Simple examples: binary tag/length/value formats allow immediate
checking of the length to see if it is within bounds and to allocate the
appropriate data structure size beforehand. With XML there's no way to
know how long or deep a structure is until you've parsed the whole
thing, just like with RFC822-style headers there's no way to know how
long a line will be or whether or not there will be continuation lines
for that tag until you've reached the next header. Which is more
difficult to check for proper defense against buffer overrun attacks?)
More information about the NANOG