[dnssd] Threat model new version: draft-otis-dnssd-scalable-dns-sd-threats-00.txt

"Hosnieh Rafiee" <ietf@rozanak.com> Thu, 27 August 2015 17:50 UTC

From: Hosnieh Rafiee <ietf@rozanak.com>
To: dnssd@ietf.org
Date: Thu, 27 Aug 2015 19:50:36 +0200
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnssd/B453UaHz4VGvOGplFU79bSVIdI8>
Cc: Douglas_Otis@trendmicro.com

Dear All,

We have uploaded a new version of the threat model. This version replaces two former drafts, which are as follows:

draft-otis-dnssd-mdns-xlink
draft-rafiee-dnssd-mdns-threatmodel-03

Please review the draft and let us know whether this version addresses all the threats and whether or not it is ready for adoption.

Thanks,
Best,
Hosnieh & Douglas



A new version of I-D, draft-otis-dnssd-scalable-dns-sd-threats-00.txt
has been successfully submitted by Douglas Otis and posted to the IETF repository.

Name:		draft-otis-dnssd-scalable-dns-sd-threats
Revision:	00
Title:		Scalable DNS-SD (SSD) Threats
Document date:	2015-08-26
Group:		Individual Submission
Pages:		19
URL:            https://www.ietf.org/internet-drafts/draft-otis-dnssd-scalable-dns-sd-threats-00.txt
Status:         https://datatracker.ietf.org/doc/draft-otis-dnssd-scalable-dns-sd-threats/
Htmlized:       https://tools.ietf.org/html/draft-otis-dnssd-scalable-dns-sd-threats-00


Abstract:
   mDNS combined with Service Discovery (DNS-SD) extends network
   resource distribution beyond the reach of multicast normally limited
   by the MAC Bridge.  Since related resources are often not
   authenticated, either local resources are inherently trustworthy or
   are subsequently verified by associated services.  Resource
   distribution becomes complex when a hybrid scheme combines adjacent
   network resources into a common unicast DNS-SD structure.  This
   document explores related security considerations.


                                                                                  


Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat