[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Protocol Action: 'Addressing an Amplification Vulnerability in Session Initiation Protocol (SIP) Forking Proxies' to Proposed Standard

To: IETF-Announce <ietf-announce at ietf.org>
Subject: Protocol Action: 'Addressing an Amplification Vulnerability in Session Initiation Protocol (SIP) Forking Proxies' to Proposed Standard
From: The IESG <iesg-secretary at ietf.org>
Date: Wed, 5 Nov 2008 09:18:52 -0800 (PST)
Cc: sip mailing list <sip at ietf.org>, sip chair <sip-chairs at tools.ietf.org>, Internet Architecture Board <iab at iab.org>, RFC Editor <rfc-editor at rfc-editor.org>
Delivered-to: ietfarch-ietf-announce-web-archive at core3.amsl.com
Delivered-to: ietf-announce at core3.amsl.com
List-archive: <http://www.ietf.org/pipermail/ietf-announce>
List-help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-post: <mailto:ietf-announce@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
Sender: ietf-announce-bounces at ietf.org

The IESG has approved the following document:

- 'Addressing an Amplification Vulnerability in Session Initiation 
   Protocol (SIP) Forking Proxies '
   <draft-ietf-sip-fork-loop-fix-08.txt> as a Proposed Standard

This document is the product of the Session Initiation Protocol Working 
Group. 

The IESG contact persons are Cullen Jennings and Jon Peterson.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-sip-fork-loop-fix-08.txt

Technical Summary 

This document normatively updates RFC 3261, the Session Initiation
Protocol 
(SIP), to address a security vulnerability identified in SIP proxy
behavior. 
This vulnerability enables an attack against SIP networks where a small 
number of legitimate, even authorized, SIP requests can stimulate massive
amounts of proxy-to-proxy traffic. 

This document strengthens loop-detection requirements on SIP proxies 
when they fork requests (that is, forward a request to more than one
destination). 
It also corrects and clarifies the description of the loop-detection 
algorithm such proxies are required to implement. 

Working Group Summary 

The document was produced by the SIP working group. There is consensus in
the WG to publish this document. 

Document Quality 

The document has been produced as a result of an issue identified during
SIPit interoperability testing.

_______________________________________________
IETF-Announce mailing list
IETF-Announce at ietf.org
https://www.ietf.org/mailman/listinfo/ietf-announce

Prev by Date: Last Call: draft-jerichow-msec-mikey-genext-oma (MIKEY General Extension Payload for OMA BCAST 1.0) to Informational RFC
Next by Date: Protocol Action: 'WebDAV Current Principal Extension' to Proposed Standard
Previous by thread: Last Call: draft-jerichow-msec-mikey-genext-oma (MIKEY General Extension Payload for OMA BCAST 1.0) to Informational RFC
Next by thread: Protocol Action: 'WebDAV Current Principal Extension' to Proposed Standard
Index(es):
- Date
- Thread