Re: [manet] NHDP-sec-threats feedback
"John Dowdell" <John.Dowdell@Cassidian.com> Tue, 31 July 2012 13:48 UTC
Return-Path: <john.dowdell@cassidian.com>
X-Original-To: manet@ietfa.amsl.com
Delivered-To: manet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9C0CC21F86E2 for <manet@ietfa.amsl.com>; Tue, 31 Jul 2012 06:48:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.765
X-Spam-Level:
X-Spam-Status: No, score=-2.765 tagged_above=-999 required=5 tests=[AWL=-0.167, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oEaLdzvN5N8s for <manet@ietfa.amsl.com>; Tue, 31 Jul 2012 06:48:41 -0700 (PDT)
Received: from mail-dotnet3.eads.net (mail-dotnet3.eads.net [193.56.40.75]) by ietfa.amsl.com (Postfix) with ESMTP id 0DC2621F86DE for <manet@ietf.org>; Tue, 31 Jul 2012 06:48:02 -0700 (PDT)
Received: from unknown (HELO fr-gate2.mailhub.intra.corp) ([53.154.16.34]) by mail-dotnet3.eads.net with ESMTP; 31 Jul 2012 15:39:03 +0200
Received: from f8561vs5.main.fr.ds.corp ([10.37.8.21]) by fr-gate2.mailhub.intra.corp with Microsoft SMTPSVC(5.0.2195.7381); Tue, 31 Jul 2012 15:39:02 +0200
Received: from f8561vs4.main.fr.ds.corp ([10.37.8.27]) by f8561vs5.main.fr.ds.corp with Microsoft SMTPSVC(6.0.3790.4675); Tue, 31 Jul 2012 15:39:02 +0200
Received: from SUKNPT8108.cogent-dsn.local ([10.81.0.121]) by f8561vs4.main.fr.ds.corp with Microsoft SMTPSVC(6.0.3790.4675); Tue, 31 Jul 2012 15:39:02 +0200
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01CD6F21.CA72923B"
X-MimeOLE: Produced By Microsoft Exchange V6.5
Date: Tue, 31 Jul 2012 14:39:03 +0100
Message-ID: <1B40484159234F4FB6FE11D4C2F408DE01962FAE@SUKNPT8108.cogent-dsn.local>
In-Reply-To: <SUKNPT8109TRaMgYAEu0001a23e@SUKNPT8109.cogent-dsn.local>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [manet] NHDP-sec-threats feedback
Thread-Index: Ac1usNLkus7wchG2Tjy4EzRjjSpCuQAbh17Q
References: <SUKNPT8109TRaMgYAEu0001a23e@SUKNPT8109.cogent-dsn.local>
From: John Dowdell <John.Dowdell@Cassidian.com>
To: manet@ietf.org
X-OriginalArrivalTime: 31 Jul 2012 13:39:02.0340 (UTC) FILETIME=[D8AC8040:01CD6F21]
X-TM-AS-Product-Ver: SMEX-8.0.0.4194-6.500.1024-19074.007
X-TM-AS-Result: No--21.537200-0.000000-31
X-TM-AS-User-Approved-Sender: Yes
X-TM-AS-User-Blocked-Sender: No
Subject: Re: [manet] NHDP-sec-threats feedback
X-BeenThere: manet@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Mobile Ad-hoc Networks <manet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/manet>, <mailto:manet-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/manet>
List-Post: <mailto:manet@ietf.org>
List-Help: <mailto:manet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/manet>, <mailto:manet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Jul 2012 13:48:43 -0000
Some comments on NHDP-sec-threats. The quality of the implementation is outside of the scope of this document, but here will be some variables in how robustly the protocol has been implemented. A simple implementation will be considerably less robust than one with comprehensive error and failed state detection. Links with high bit error rates are particularly difficult to cater for, since implementations may simply crash when there are too many simultaneous error conditions. However, some specifics relating to sequence numbers. If the attacking node sent control packets with random sequence numbers, and the receiving node was expecting linearly increasing sequence numbers, would an implementation ignore packets sent with lower sequence numbers than the highest sequence number sent? An example: say a node was expecting to receive packets 1, 2, 3, 4, 5 and actually received packets 10, 15, 12, 7, 20, 11, then the receiver would process packets 10, 15 and 20 and discard 12, 7 and 11, but will waste processing time doing so. The implementation may decide on supplementary action if the sequence numbers are spread so far apart, as that may give the illusion that this link has a higher packet loss than is actually the case. John ________________________________ From: manet-bounces@ietf.org [mailto:manet-bounces@ietf.org] On Behalf Of Joseph Macker Sent: 31 July 2012 01:09 To: manet@ietf.org Subject: [manet] NHDP-sec-threats feedback I apologize to Jiazi and co-authors as we accidentally skipped one of the slide sets at this afternoon's meeting. Please review the slides for NHDP-sec-threats located at http://tools.ietf.org/wg/manet/agenda and see draft-ietf-manet-nhdp-sec-threats-00 The authors are asking for consideration of WG LAST CALL on this document so please comment. -Joe
- Re: [manet] NHDP-sec-threats feedback Abdussalam Baryun
- [manet] NHDP-sec-threats feedback Joseph Macker
- Re: [manet] NHDP-sec-threats feedback Jiazi YI
- Re: [manet] NHDP-sec-threats feedback John Dowdell
- Re: [manet] NHDP-sec-threats feedback Jiazi YI
- Re: [manet] NHDP-sec-threats feedback Jiazi YI
- Re: [manet] NHDP-sec-threats feedback Teco Boot
- Re: [manet] NHDP-sec-threats feedback Dearlove, Christopher (UK)
- Re: [manet] NHDP-sec-threats feedback Teco Boot
- Re: [manet] NHDP-sec-threats feedback Ulrich Herberg
- Re: [manet] NHDP-sec-threats feedback Abdussalam Baryun
- Re: [manet] NHDP-sec-threats feedback Jiazi YI
- Re: [manet] NHDP-sec-threats feedback Ulrich Herberg