RE: [LinkSec] http://www.ieee802.org/linksec/Meetings/Jan03/Seaman_1_0103.pdf
That's a valid threat.
Is such a threat a concern for just the window of time that 'older'
bridge takes to age its controlled port closed in the absence of a
dissociate?
-mani
> -----Original Message-----
> From: Joshua Zhao [mailto:jzhao@cranite.com]
> Sent: Thursday, January 02, 2003 6:34 PM
> To: mick_seaman@ieee.org; stds-802-linksec@ieee.org
> Subject: RE: [LinkSec]
> http://www.ieee802.org/linksec/Meetings/Jan03/Seaman_1_0103.pdf
>
>
> I just want to comment on the potential threat that replays can pose.
>
> Lack of replay attack can potentially be detriment to support for
> roaming. In case that the bridges use the arriving of legitimate
frames
> from a certain station on a given port to infer the current attachment
> point of the station, replays at an access point other than the
> station's current point of attachment can potentially mislead the
system
> as to the whereabouts of the station. This could be a serious threat.
>
> Regards,
>
> Joshua
> Scientist
> Cranite Systems, Inc.
> 6620 Via Del Oro
> San Jose, California 95119
>
> > -----Original Message-----
> > From: Mick Seaman [mailto:mick_seaman@ieee.org]
> > Sent: Thursday, January 02, 2003 1:23 PM
> > To: stds-802-linksec@ieee.org
> > Subject: RE: [LinkSec]
> > http://www.ieee802.org/linksec/Meetings/Jan03/Seaman_1_0103.pdf
> >
> >
> > Russ,
> >
> > Thanks for the comments.
> >
> > On the subject of replay you are right, generally I am not concerned
> about
> > replay being used to subvert a service for which most critical
> > communication
> > is using an ordering/sequencing/duplicate suppression protocol on
top.
> > However I would like to understand more about the threat that replay
> could
> > pose at this layer, my imagination is not doing a great job on this
> > subject
> > so any examples (other than ones that simply result in denial of
> service)
> > would help.
> >
[...]