IETF Logo Mail Archive

Re: [p2prg] Comments to draft-schulzrinne-p2prg-rtc-security-00

Henry Sinnreich <hsinnrei@adobe.com> Wed, 15 April 2009 13:30 UTC

Return-Path: <hsinnrei@adobe.com>
X-Original-To: p2prg@core3.amsl.com
Delivered-To: p2prg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D847828C1C1 for <p2prg@core3.amsl.com>; Wed, 15 Apr 2009 06:30:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.048
X-Spam-Level:
X-Spam-Status: No, score=-6.048 tagged_above=-999 required=5 tests=[AWL=0.550, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ynZxYv+2AJgX for <p2prg@core3.amsl.com>; Wed, 15 Apr 2009 06:30:24 -0700 (PDT)
Received: from exprod6og108.obsmtp.com (exprod6og108.obsmtp.com [64.18.1.21]) by core3.amsl.com (Postfix) with ESMTP id 1191928C14C for <p2prg@ietf.org>; Wed, 15 Apr 2009 06:30:24 -0700 (PDT)
Received: from source ([192.150.11.134]) by exprod6ob108.postini.com ([64.18.5.12]) with SMTP ID DSNKSeXhso48Gldefx6LU4EnVj6KzwMKPlOG@postini.com; Wed, 15 Apr 2009 06:31:36 PDT
Received: from inner-relay-3.eur.adobe.com ([192.150.8.236]) by outbound-smtp-1.corp.adobe.com (8.12.10/8.12.10) with ESMTP id n3FDPleM025931; Wed, 15 Apr 2009 06:25:47 -0700 (PDT)
Received: from nacas01.corp.adobe.com (nacas01.corp.adobe.com [10.8.189.99]) by inner-relay-3.eur.adobe.com (8.12.10/8.12.9) with ESMTP id n3FDVPY3015581; Wed, 15 Apr 2009 06:31:27 -0700 (PDT)
Received: from nambx05.corp.adobe.com ([10.8.189.124]) by nacas01.corp.adobe.com ([10.8.189.99]) with mapi; Wed, 15 Apr 2009 06:31:24 -0700
From: Henry Sinnreich <hsinnrei@adobe.com>
To: Enrico Marocco <enrico.marocco@telecomitalia.it>, Song Haibin <melodysong@huawei.com>
Date: Wed, 15 Apr 2009 06:31:23 -0700
Thread-Topic: [p2prg] Comments to draft-schulzrinne-p2prg-rtc-security-00
Thread-Index: Acm8/tQTjDE3Z/b4S5KXcyGEA3emYwAz6Pdr
Message-ID: <C60B4BDB.D2B2%hsinnrei@adobe.com>
In-Reply-To: <49E4852B.4030108@telecomitalia.it>
Accept-Language: en-US
Content-Language: en
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_C60B4BDBD2B2hsinnreiadobecom_"
MIME-Version: 1.0
Cc: "p2prg@ietf.org" <p2prg@ietf.org>
Subject: Re: [p2prg] Comments to draft-schulzrinne-p2prg-rtc-security-00
X-BeenThere: p2prg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Peer-to-Peer Research Group <p2prg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/p2prg>, <mailto:p2prg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/p2prg>
List-Post: <mailto:p2prg@irtf.org>
List-Help: <mailto:p2prg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/p2prg>, <mailto:p2prg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Apr 2009 13:30:30 -0000

> [Haibin] As far as I know, Joost has just changed its basic P2P system
> architecture and turned to client/server architecture. It's better to
> remove this reference.

There is still Bittorrent and several others.

Henry


On 4/14/09 7:44 AM, "Enrico Marocco" <enrico.marocco@telecomitalia.it> wrote:

Thanks for an accurate review, Haibin, we'll integrate your comments in
the next version of the draft. A few notes inline.

Song Haibin wrote:
> 1. In Section 1, paragraph 1, "P2P networks are now also being used for
> applications such as Voice over IP (VoIP) [SKYPE] [Singh] and television
> [JOOST] [COOLSTREAM]."
>
> [Haibin] As far as I know, Joost has just changed its basic P2P system
> architecture and turned to client/server architecture. It's better to
> remove this reference.

Yes, indeed, probably now PPLive is a better example of P2P systems for
realtime content delivery.

> 2. Section 2.1 Incentive of attacker
>
> [Haibin]  I could give some additional common incentives of attackers.
> For example, some attacks are motivated by the business competition or
> for selling security products. E.g., I heard some firewall product
> companies usually attack some company's network, and tell them their
> network is not safe, so that they could sell them firewalls. Attacks due
> to competition are also common cases. These kinds of attacks may happen
> to p2p overlays.

While it is arguably a real issue in C/S scenarios, I'm not sure who, in
a P2P system, could be the target customer of such security solutions.
Maybe you are thinking of sort of a hybrid model, but the case of some
company selling a security product for an application distributed by
another company doesn't seem much realistic. OTOH I agree that
competition could be a real incentive.

> 5. In Section 5.1.2, Reactive identification, "In a file-sharing
> application for example, after downloading content from a node, if the
> peer observes that data does not match its original query it can
> identify the corresponding node as malicious."
>
> [Haibin] It is hard to determine which node is the malicious node in
> this context. But at least this content in this node can be marked with
> "malicious", or this node can be marked with "suspicious".

Identification of malicious peers is actually a very complex topic,
subject itself of many possible attacks. The example in section 5.1.2,
surely over-simplistic, has the only intent to pass to the reader a
quick image of the reactive approach, but it is of course far from a
real solution.

> 7. In section 7.1.2 When to upgrade
>
> [Haibin] It lists some information to determine the peer load, e.g.
> number of clients attached, bandwidth usage for DHT maintenance, memory
> usage for DHT routing table. I hope p2psip diagnostics
> (draft-ietf-p2psip-diagnostics) mechanisms can be used to collect the
> listed corresponding information from the overlay.

At the time of writing the p2psip-diagnostics work was still very early,
but I agree that now it would be worth referenced here.

--
Ciao,
Enrico

v2.23.0 | Report a Bug | By Email