Re: [p2prg] Comments to draft-schulzrinne-p2prg-rtc-security-00
Henry Sinnreich <hsinnrei@adobe.com> Wed, 15 April 2009 13:30 UTC
Return-Path: <hsinnrei@adobe.com>
X-Original-To: p2prg@core3.amsl.com
Delivered-To: p2prg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D847828C1C1 for <p2prg@core3.amsl.com>; Wed, 15 Apr 2009 06:30:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.048
X-Spam-Level:
X-Spam-Status: No, score=-6.048 tagged_above=-999 required=5 tests=[AWL=0.550, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ynZxYv+2AJgX for <p2prg@core3.amsl.com>; Wed, 15 Apr 2009 06:30:24 -0700 (PDT)
Received: from exprod6og108.obsmtp.com (exprod6og108.obsmtp.com [64.18.1.21]) by core3.amsl.com (Postfix) with ESMTP id 1191928C14C for <p2prg@ietf.org>; Wed, 15 Apr 2009 06:30:24 -0700 (PDT)
Received: from source ([192.150.11.134]) by exprod6ob108.postini.com ([64.18.5.12]) with SMTP ID DSNKSeXhso48Gldefx6LU4EnVj6KzwMKPlOG@postini.com; Wed, 15 Apr 2009 06:31:36 PDT
Received: from inner-relay-3.eur.adobe.com ([192.150.8.236]) by outbound-smtp-1.corp.adobe.com (8.12.10/8.12.10) with ESMTP id n3FDPleM025931; Wed, 15 Apr 2009 06:25:47 -0700 (PDT)
Received: from nacas01.corp.adobe.com (nacas01.corp.adobe.com [10.8.189.99]) by inner-relay-3.eur.adobe.com (8.12.10/8.12.9) with ESMTP id n3FDVPY3015581; Wed, 15 Apr 2009 06:31:27 -0700 (PDT)
Received: from nambx05.corp.adobe.com ([10.8.189.124]) by nacas01.corp.adobe.com ([10.8.189.99]) with mapi; Wed, 15 Apr 2009 06:31:24 -0700
From: Henry Sinnreich <hsinnrei@adobe.com>
To: Enrico Marocco <enrico.marocco@telecomitalia.it>, Song Haibin <melodysong@huawei.com>
Date: Wed, 15 Apr 2009 06:31:23 -0700
Thread-Topic: [p2prg] Comments to draft-schulzrinne-p2prg-rtc-security-00
Thread-Index: Acm8/tQTjDE3Z/b4S5KXcyGEA3emYwAz6Pdr
Message-ID: <C60B4BDB.D2B2%hsinnrei@adobe.com>
In-Reply-To: <49E4852B.4030108@telecomitalia.it>
Accept-Language: en-US
Content-Language: en
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_C60B4BDBD2B2hsinnreiadobecom_"
MIME-Version: 1.0
Cc: "p2prg@ietf.org" <p2prg@ietf.org>
Subject: Re: [p2prg] Comments to draft-schulzrinne-p2prg-rtc-security-00
X-BeenThere: p2prg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Peer-to-Peer Research Group <p2prg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/p2prg>, <mailto:p2prg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/p2prg>
List-Post: <mailto:p2prg@irtf.org>
List-Help: <mailto:p2prg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/p2prg>, <mailto:p2prg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Apr 2009 13:30:30 -0000
> [Haibin] As far as I know, Joost has just changed its basic P2P system > architecture and turned to client/server architecture. It's better to > remove this reference. There is still Bittorrent and several others. Henry On 4/14/09 7:44 AM, "Enrico Marocco" <enrico.marocco@telecomitalia.it> wrote: Thanks for an accurate review, Haibin, we'll integrate your comments in the next version of the draft. A few notes inline. Song Haibin wrote: > 1. In Section 1, paragraph 1, "P2P networks are now also being used for > applications such as Voice over IP (VoIP) [SKYPE] [Singh] and television > [JOOST] [COOLSTREAM]." > > [Haibin] As far as I know, Joost has just changed its basic P2P system > architecture and turned to client/server architecture. It's better to > remove this reference. Yes, indeed, probably now PPLive is a better example of P2P systems for realtime content delivery. > 2. Section 2.1 Incentive of attacker > > [Haibin] I could give some additional common incentives of attackers. > For example, some attacks are motivated by the business competition or > for selling security products. E.g., I heard some firewall product > companies usually attack some company's network, and tell them their > network is not safe, so that they could sell them firewalls. Attacks due > to competition are also common cases. These kinds of attacks may happen > to p2p overlays. While it is arguably a real issue in C/S scenarios, I'm not sure who, in a P2P system, could be the target customer of such security solutions. Maybe you are thinking of sort of a hybrid model, but the case of some company selling a security product for an application distributed by another company doesn't seem much realistic. OTOH I agree that competition could be a real incentive. > 5. In Section 5.1.2, Reactive identification, "In a file-sharing > application for example, after downloading content from a node, if the > peer observes that data does not match its original query it can > identify the corresponding node as malicious." > > [Haibin] It is hard to determine which node is the malicious node in > this context. But at least this content in this node can be marked with > "malicious", or this node can be marked with "suspicious". Identification of malicious peers is actually a very complex topic, subject itself of many possible attacks. The example in section 5.1.2, surely over-simplistic, has the only intent to pass to the reader a quick image of the reactive approach, but it is of course far from a real solution. > 7. In section 7.1.2 When to upgrade > > [Haibin] It lists some information to determine the peer load, e.g. > number of clients attached, bandwidth usage for DHT maintenance, memory > usage for DHT routing table. I hope p2psip diagnostics > (draft-ietf-p2psip-diagnostics) mechanisms can be used to collect the > listed corresponding information from the overlay. At the time of writing the p2psip-diagnostics work was still very early, but I agree that now it would be worth referenced here. -- Ciao, Enrico
- [p2prg] Comments to draft-schulzrinne-p2prg-rtc-s… Song Haibin
- Re: [p2prg] Comments to draft-schulzrinne-p2prg-r… Enrico Marocco
- Re: [p2prg] Comments to draft-schulzrinne-p2prg-r… Song Haibin
- Re: [p2prg] Comments to draft-schulzrinne-p2prg-r… Henry Sinnreich
- Re: [p2prg] Comments to draft-schulzrinne-p2prg-r… Emil Ivov