On 4/7/17, 5:30 PM, "Les Ginsberg (ginsberg)" <ginsberg@xxxxxxxxx> wrote:

Les:

Hi!

> System-id duplication is a problem for any deployment - not just autoconfig
> deployments. And it will be disruptive in any network until it is resolved.
>
> The only thing autoconfig has added is a way to resolve this w/o manual
> intervention. This in no way increases the vulnerability nor the disruption the
> attacker can produce. (Yes - I state that quite intentionally).

I don’t know about Robert, but that is part of the discussion I would like to see. Yes, duplicate system-ids have always been a potential problem, but this document introduces a new de-duplication mechanism that results not just in unsync’d databases, but in restarting adjacencies – so at least the manifestation of the problem is different.

> So you are asking us to repeat a discussion which has already been held in the context of
> RFC 5304 and RFC 5310.
>
> It would be more appropriate to add the normal reference to RFC 5304/5310 in the
> Security section than what you propose.

I don’t think it hurts to add a reference to those RFCs, but they are both about adding authentication – the problem in this document is exacerbated by the fact that there’s no authentication by default. The lower layer authentication mechanisms are quite weak, especially knowing that, if in a home environment, for example, it may be relatively easy to connect to the WiFi network.

Alvaro.
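The two effects Alvaro points at above, a system-id advertised by more than one neighbour and the adjacency restarts that a de-duplication cycle produces, are both visible to an operator who watches hello and adjacency events. The script below is an added example written for this page; it is not code from the thread, from the autoconfig draft, or from any router implementation. The log line format (`<iface> <event> sysid=<id> mac=<mac>`) is constructed for the example, and treating a distinct source MAC as a distinct neighbour is an assumed heuristic, not a protocol rule.

```python
"""Monitoring check: flag duplicate IS-IS system-ids and adjacency churn.

Added example for this page (not from the mailing-list thread or the draft).
It parses constructed adjacency log lines, reports any system-id that is being
advertised by more than one distinct neighbour, and counts adjacency-down events
per system-id so that repeated restarts caused by a de-duplication cycle stand out.
"""
from collections import defaultdict
import re

# Constructed sample log; the format is invented for this example and does not
# correspond to any vendor's syslog output.
SAMPLE_LOG = """\
eth0 hello sysid=0000.0000.0001 mac=02:00:00:00:00:aa
eth1 hello sysid=0000.0000.0002 mac=02:00:00:00:00:bb
wlan0 hello sysid=0000.0000.0001 mac=02:00:00:00:00:cc
eth0 adj-down sysid=0000.0000.0001 mac=02:00:00:00:00:aa
eth0 adj-up sysid=0000.0000.0001 mac=02:00:00:00:00:aa
wlan0 adj-down sysid=0000.0000.0001 mac=02:00:00:00:00:cc
"""

LINE_RE = re.compile(
    r"^(?P<iface>\S+) (?P<event>\S+) "
    r"sysid=(?P<sysid>[0-9a-f.]+) mac=(?P<mac>[0-9a-f:]+)$"
)


def parse_log(text):
    """Return one dict per well-formed line; malformed lines are skipped."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            records.append(m.groupdict())
    return records


def find_duplicate_system_ids(records):
    """Map system-id -> sorted list of neighbour MACs, only for ids seen from >1 MAC.

    Assumption (heuristic, not protocol): a different source MAC is a different
    neighbour, so the same system-id from two MACs means a duplicate exists.
    """
    senders = defaultdict(set)
    for r in records:
        if r["event"] == "hello":
            senders[r["sysid"]].add(r["mac"])
    return {sid: sorted(macs) for sid, macs in senders.items() if len(macs) > 1}


def adjacency_restarts(records):
    """Count adj-down events per system-id; each one is an adjacency that must re-form."""
    counts = defaultdict(int)
    for r in records:
        if r["event"] == "adj-down":
            counts[r["sysid"]] += 1
    return dict(counts)


def report(text):
    """Combine both checks over a log excerpt."""
    records = parse_log(text)
    return {
        "duplicates": find_duplicate_system_ids(records),
        "restarts": adjacency_restarts(records),
    }


if __name__ == "__main__":
    for key, value in report(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

On the constructed sample, system-id `0000.0000.0001` is reported twice over: it is heard from two different MACs (one of them on `wlan0`, which is the kind of easy-to-join link the message worries about), and it accounts for every adjacency restart in the excerpt. A real deployment would feed this from the router's own adjacency logs rather than from a string constant.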