Re: [pim] WG Query: draft-atwood-pim-sm-linklocal-00.txt
Pekka Savola <pekkas@netcore.fi> Thu, 21 October 2004 19:17 UTC
Date: Thu, 21 Oct 2004 21:41:03 +0300
From: Pekka Savola <pekkas@netcore.fi>
To: JW Atwood <bill@cse.concordia.ca>
Subject: Re: [pim] WG Query: draft-atwood-pim-sm-linklocal-00.txt
Cc: greg.daley@eng.monash.edu.au, pim@ietf.org, gopakumar.kurup@eng.monash.edu.au

Hi,

(Cc:ing two people who are probably not on this particular list.)

On Thu, 21 Oct 2004, JW Atwood wrote:
> An Internet-Draft titled "Security Issues in PIM-SM Link-local Messages"
> has been posted to the Internet-Drafts directory. We believe that the
> issues discussed in this draft are pertinent to the current
> Internet-Draft for PIM-SM, and to the PIM-SM Working Group. The PIM-SM
> draft has acquired a significant amount of material on security issues,
> but is hampered by prohibitions in RFC 2402. Correct and meaningful use
> of IPsec AH for PIM-SM link-local messages will have to be addressed
> either within the current Internet-Draft, or as soon as the proposed
> modifications to the Authentication Header (draft-ietf-ipsec-rfc2402bis)
> are accepted by the IESG.

This looks interesting, and I'll have a look at this.

I'll observe, however, that this is just one (technical solution) piece in the larger puzzle of securing multicast-related protocols when you're on the same link as a router.

The interdomain security analysis has been done in draft-ietf-mboned-mroutesec-04.txt [the document is approved and practically in the RFC-editor's queue now]. That points out that we'll need to figure out the threats in the local link, in other words, relating to MLD/IGMP and PIM (solvable e.g. with IPsec-protecting the messages).

There has been IMHO an excellent start on analyzing the threats with MLD/IGMP in draft-daley-magma-smld-prob-00.txt (which I hope will go forward), and now I think the critical question is:

Should the on-link threats to PIM-SM be analyzed and discussed in the same document as the on-link threats to MLD/IGMP?

And regardless of that, what would be the correct place for such analysis document(s)? MBONED? MAGMA? PIM? Individual submission? (If both are in the same document, I guess that would argue for MBONED.)

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings