[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [rddp] Terminate message a security threat?

To: Jim Pinkerton <jpink at windows.microsoft.com>, RDDP <rddp at ietf.org>
Subject: Re: [rddp] Terminate message a security threat?
From: Sukanta ganguly <sganguly at yahoo.com>
Date: Tue, 4 Jan 2005 09:16:59 -0800 (PST)
Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; b=PSsqRL3rk082aew+MCWvbwNtyYRFU5IjmHGUcCTq9r3g1fyLhdGG/lMKYUvOPYrm7YCGYm6LxHwsLgt2v1HCvV1hZgsOu5pPoFPIVZSNOGmprZjhbqCTkAZ5ds739aHQ6u9+vNAc4n/HlnKmOzAAPaXuztYPii1Vjm0ZxzBZ400= ;
In-reply-to: <E6564B8F86852D46A4E98C485FB33B8F0B7EDC19@WIN-MSG-10.wingroup.windeploy.ntdev.microsoft.com>
List-help: <mailto:rddp-request@ietf.org?subject=help>
List-id: "IETF Remote Direct Data Placement \(rddp\) WG" <rddp.ietf.org>
List-post: <mailto:rddp@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/rddp>, <mailto:rddp-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/rddp>, <mailto:rddp-request@ietf.org?subject=unsubscribe>
Sender: rddp-bounces at ietf.org

I agree. I don't see much to be added for Terminate
Message. Spoofing is a different issue. 


SG

--- Jim Pinkerton <jpink at windows.microsoft.com> wrote:

>  
> 
> To date the security ID doesn't discuss the
> Terminate Message. It was suggested to me by
> Mallikarjun as part of his detailed review that
> since all other messages are discussed, shouldn't
> Terminate be? 
> 
>  
> 
> In thinking this through, I don't believe this
> represents any new attacks. If the Remote Peer is
> sending you a Terminate Message, then that ½ of the
> Stream is terminated. So he just clobbered himself,
> but hasn't been able to affect any other connections
> - thus this is not a security issue. If a third
> party is able to inject a Terminate Message into the
> data stream, then it is a spoofing attack. The
> spoofing attack and mitigations are already
> discussed. So I think at best the Terminate Message
> could be added as an example of a spoofing attack,
> but honestly there are a ton of things the spoofer
> could do, so I'm not sure I'd revise the draft just
> to add another example.
> 
>  
> 
> Does anyone see a hole in my reasoning?
> 
>  
> 
>  
> 
> Jim
> 
>  
> 
>  
> 
>  
> 
> > _______________________________________________
> rddp mailing list
> rddp at ietf.org
> https://www1.ietf.org/mailman/listinfo/rddp
> 



		
__________________________________ 
Do you Yahoo!? 
All your favorites on one personal page ? Try My Yahoo!
http://my.yahoo.com 

_______________________________________________
rddp mailing list
rddp at ietf.org
https://www1.ietf.org/mailman/listinfo/rddp

References:
- [rddp] Terminate message a security threat?
  - From: Jim Pinkerton

Prev by Date: [rddp] Terminate message a security threat?
Next by Date: RE: [rddp] Terminate message a security threat?
Previous by thread: [rddp] Terminate message a security threat?
Next by thread: Re: [rddp] Terminate message a security threat?
Index(es):
- Date
- Thread