IETF Logo Mail Archive

Re: [MMUSIC] WGLC for draft-ietf-mmusic-delayed-duplication-01

Ari Keränen <ari.keranen@ericsson.com> Wed, 24 April 2013 21:07 UTC

Return-Path: <ari.keranen@ericsson.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D84A021F910E for <mmusic@ietfa.amsl.com>; Wed, 24 Apr 2013 14:07:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.881
X-Spam-Level:
X-Spam-Status: No, score=-5.881 tagged_above=-999 required=5 tests=[AWL=0.068, BAYES_00=-2.599, HELO_EQ_SE=0.35, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YgvsovL3f2Np for <mmusic@ietfa.amsl.com>; Wed, 24 Apr 2013 14:07:38 -0700 (PDT)
Received: from mailgw2.ericsson.se (mailgw2.ericsson.se [193.180.251.37]) by ietfa.amsl.com (Postfix) with ESMTP id E5A1A21F9104 for <mmusic@ietf.org>; Wed, 24 Apr 2013 14:07:37 -0700 (PDT)
X-AuditID: c1b4fb25-b7f366d000004d10-53-51784998e6fb
Received: from esessmw0197.eemea.ericsson.se (Unknown_Domain [153.88.253.125]) by mailgw2.ericsson.se (Symantec Mail Security) with SMTP id 68.45.19728.89948715; Wed, 24 Apr 2013 23:07:36 +0200 (CEST)
Received: from mail.lmf.ericsson.se (153.88.115.8) by esessmw0197.eemea.ericsson.se (153.88.115.88) with Microsoft SMTP Server id 8.3.279.1; Wed, 24 Apr 2013 23:07:36 +0200
Received: from nomadiclab.lmf.ericsson.se (nomadiclab.lmf.ericsson.se [131.160.33.3]) by mail.lmf.ericsson.se (Postfix) with ESMTP id 4A1302419; Thu, 25 Apr 2013 00:07:36 +0300 (EEST)
Received: from nomadiclab.lmf.ericsson.se (localhost [127.0.0.1]) by nomadiclab.lmf.ericsson.se (Postfix) with ESMTP id BB51654D41; Thu, 25 Apr 2013 00:07:35 +0300 (EEST)
Received: from As-MacBook-Air.local (localhost [127.0.0.1]) by nomadiclab.lmf.ericsson.se (Postfix) with ESMTP id 57E3D54ADA; Thu, 25 Apr 2013 00:07:35 +0300 (EEST)
Message-ID: <51784997.3040207@ericsson.com>
Date: Thu, 25 Apr 2013 00:07:35 +0300
From: Ari Keränen <ari.keranen@ericsson.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/20130328 Thunderbird/17.0.5
MIME-Version: 1.0
To: "Ali C. Begen (abegen)" <abegen@cisco.com>
References: <515F03F3.6070400@ericsson.com> <51770ADD.6080702@ericsson.com> <C15918F2FCDA0243A7C919DA7C4BE9940D00FB1B@xmb-aln-x01.cisco.com>
In-Reply-To: <C15918F2FCDA0243A7C919DA7C4BE9940D00FB1B@xmb-aln-x01.cisco.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 8bit
X-Virus-Scanned: ClamAV using ClamSMTP
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFjrCLMWRmVeSWpSXmKPExsUyM+Jvre4Mz4pAg2NLTCwebJ/LaLH/4m1W i6nLH7M4MHtM+b2R1WPJkp9MHl8uf2YLYI7isklJzcksSy3St0vgyphz7TJrwQ/2igsfP7I2 MK5h62Lk5JAQMJGY9bWLHcIWk7hwbz1QnItDSOAUo8S8h1uYIJwNjBKzJz9hhXB2M0ps+DQR KrOOUeLrilXMEM4KRokJu8+BDeMV0Ja49XUHC4jNIqAqsbD3LxOIzSZgL3FzwnWwGlGBZIml O5eyQdQLSpyc+QSsXkRAT2J/xzRGkKHMAv2MEtNWXARrEBZwl9iz/A07xLYeoKP6PoNN5RTw lZj7GORATqAOW4kLc66zQNjyEs1bZzNDvKcmcfXcJjBbCOiiq/9eMU5gFJ2FZPksJO2zkLQv YGRexciem5iZk15utIkRGBMHt/xW3cF455zIIUZpDhYlcd5w1wsBQgLpiSWp2ampBalF8UWl OanFhxiZODilGhilPlW1fKvKtK2u44pRVNN8u7nk0JkPM4+x7OTKW5I0ZYli0o89s1xZEv74 FPe31CX+1lt4/FHQM3e7188bTF16wzs3dTzco7rPU63l6VxxyR8Hzbv9z4hr6bAnngqpzt1f fJW57XPd5iddqzwct+9yrl917f/3fywCwYLlT/cKbLk6g7nilKISS3FGoqEWc1FxIgA6OnXq VwIAAA==
Cc: "<draft-ietf-mmusic-delayed-duplication@tools.ietf.org>" <draft-ietf-mmusic-delayed-duplication@tools.ietf.org>, mmusic <mmusic@ietf.org>
Subject: Re: [MMUSIC] WGLC for draft-ietf-mmusic-delayed-duplication-01
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mmusic>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Apr 2013 21:07:39 -0000

On 4/24/13 9:32 AM, Ali C. Begen (abegen) wrote:
>
> On Apr 24, 2013, at 7:27 AM, Ari Keränen <ari.keranen@ericsson.com>
> wrote:
>
>> Hi,
>>
>> I reviewed the draft and noticed that in the intro section you
>> mention a possible DoS attack using the delayed duplication
>> functionality, but it's not discussed at all in the security
>> considerations section. Should that be addressed too?
>>
>
> Really? the whole section talks about what could happen if someone
> could modify the SDP (number of dup streams, delays, etc.).
> Especially the last paragraph mentions this. is it not clear?

Not really. I guess I was expecting something more for a "new series of 
denial-of-service attacks" than what was described in the security 
section. To make this more clear, perhaps you could use the term DoS 
also in the security section, where applicable.

Especially the last section talks about software bug or 
misconfiguration, but couldn't an active attacker also do this?


Cheers,
Ari

v2.23.0 | Report a Bug | By Email