[ipv6hackers] IPv6 security presentation at Hack.lu 2011
gert at space.net
Thu Sep 22 20:01:19 CEST 2011
On Wed, Sep 21, 2011 at 09:37:11PM -0300, Arturo Servin wrote:
> Regarding SEND AFAIK, you need a certificate in each device requesting network information to validate the source. For that requirement only, SEND is not easy to deploy.
You need the PKI infrastructure to validate RAs.
For securing ND, you need CGAs, and those are (sort of) self-contained
CERTs (strongly simplified). So no PKI structure is needed there - but
of course you can't do SEND with arbitrary IPv6 addresses on the hosts.
have you enabled IPv6 on something today...?
SpaceNet AG Vorstand: Sebastian v. Bomhard
Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen HRB: 136055 (AG Muenchen)
Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279
More information about the Ipv6hackers