Telechat Review of draft-krishnan-v6ops-teredo-update-
review-krishnan-v6ops-teredo-update-secdir-telechat-yu-2010-06-03-00

Request Review of draft-krishnan-v6ops-teredo-update
Requested rev. no specific revision (document currently at 10)
Type Telechat Review
Team Security Area Directorate (secdir)
Deadline 2010-06-01
Requested 2010-04-27
Draft last updated 2010-06-03
Completed reviews Secdir Early review of -?? by Taylor Yu
Secdir Telechat review of -?? by Taylor Yu
Assignment Reviewer Taylor Yu
State Completed
Review review-krishnan-v6ops-teredo-update-secdir-telechat-yu-2010-06-03
Review completed: 2010-06-03

Review
review-krishnan-v6ops-teredo-update-secdir-telechat-yu-2010-06-03

This is a re-review of draft-krishnan-v6ops-teredo-update-07, which I
previously reviewed in its -03 version.  Most of my concerns from the
previous review have been adequately addressed.

I concur with the ballot comment by Russ Housley about quantifying the
resistance of this randomization scheme to address scanning in
relation to the general IPv6 address scanning risk.  For example, if
the attacker knows the Teredo server's IPv4 address and client's
external IPv4 address but the client's Teredo UDP port number, the
effective search space after the flag randomization is 28 bits.
Effective address search spaces for similar scenarios can be computed
easily.  Explicitly comparing the values in section 2.3 of RFC 5157
with the search space sizes resulting from implementing the technique
in this update may be helpful to the reader.