To date the security ID doesn’t discuss the Terminate Message. It was suggested to me by Mallikarjun as part of his detailed review that since all other messages are discussed, shouldn’t Terminate be?
In thinking this through, I don’t believe this represents any new attacks. If the Remote Peer is sending you a Terminate Message, then that ½ of the Stream is terminated. So he just clobbered himself, but hasn’t been able to affect any other connections – thus this is not a security issue. If a third party is able to inject a Terminate Message into the data stream, then it is a spoofing attack. The spoofing attack and mitigations are already discussed. So I think at best the Terminate Message could be added as an example of a spoofing attack, but honestly there are a ton of things the spoofer could do, so I’m not sure I’d revise the draft just to add another example.
Does anyone see a hole in my reasoning?
Jim
_______________________________________________
rddp mailing list
rddp at ietf.org
https://www1.ietf.org/mailman/listinfo/rddp