[MMUSIC] Endpoint IDs in draft-rosenberg-mmusic-comedia-fix-00

["Cullen Jennings" <fluffy@cisco.com>]

Few thoughts....

Have you considered using the TCP ISN for the endpoint id? I imagine this is
not really practical from an implementation point of view.

Perhaps how the Endpoint ID is communicated in the connection should be out
of scope of this draft and the draft should just required that there is some
way to do it in the initial hello. Things like BEEP and SCTP could use a
different mechanism to deal with passing the EndPoint ID.

I wonder if a 32 bit Endpoint is large enough if a client needs to be
prepared to receive multiple connections on the same port at any time in the
session. Some attacker could just try random Endpoint ID for a long time and
hope to connect. A client like a SMS GW could have lots of valid EndPoint
IDs that bring up the birthday attack problem. I have not thought too much
about how fast this search space can be covered but it seems that it is in
the many days magnitude.

I am confused by messages 7,8,9 in figure 2.

Cullen



_______________________________________________
mmusic mailing list
mmusic@ietf.org
https://www1.ietf.org/mailman/listinfo/mmusic