IETF Logo Mail Archive

Re: [ppsp] tickets for IETF 83

Arno Bakker <arno@cs.vu.nl> Wed, 16 May 2012 06:08 UTC

Return-Path: <a.bakker@vu.nl>
X-Original-To: ppsp@ietfa.amsl.com
Delivered-To: ppsp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C4A6821F86A4 for <ppsp@ietfa.amsl.com>; Tue, 15 May 2012 23:08:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.398
X-Spam-Level:
X-Spam-Status: No, score=-1.398 tagged_above=-999 required=5 tests=[AWL=3.106, BAYES_00=-2.599, HELO_EQ_NL=0.55, HOST_EQ_NL=1.545, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cuDDWS8gbrxB for <ppsp@ietfa.amsl.com>; Tue, 15 May 2012 23:08:52 -0700 (PDT)
Received: from mailin.vu.nl (mailin.vu.nl [130.37.164.16]) by ietfa.amsl.com (Postfix) with ESMTP id AC3FD21F86A2 for <ppsp@ietf.org>; Tue, 15 May 2012 23:08:50 -0700 (PDT)
Received: from PEXHB012A.vu.local (130.37.236.66) by mailin.vu.nl (130.37.164.16) with Microsoft SMTP Server (TLS) id 14.2.283.3; Wed, 16 May 2012 08:08:56 +0200
Received: from [109.37.13.128] (130.37.238.20) by mails.vu.nl (130.37.236.66) with Microsoft SMTP Server (TLS) id 14.2.283.3; Wed, 16 May 2012 08:08:49 +0200
Message-ID: <4FB344AE.50908@cs.vu.nl>
Date: Wed, 16 May 2012 08:09:50 +0200
From: Arno Bakker <arno@cs.vu.nl>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:11.0) Gecko/20120312 Thunderbird/11.0
MIME-Version: 1.0
To: Picconi Fabio <Fabio.Picconi@technicolor.com>
References: <2012050316123830359558@chinamobile.com> <320C4182454E96478DC039F2C481987204EB1CD469@MOPESMBX01.eu.thmulti.com>, <4FB0FC97.7020601@cs.vu.nl> <2012051511133262864742@chinamobile.com> <320C4182454E96478DC039F2C481987204EB26E73A@MOPESMBX01.eu.thmulti.com>
In-Reply-To: <320C4182454E96478DC039F2C481987204EB26E73A@MOPESMBX01.eu.thmulti.com>
Content-Type: text/plain; charset="ISO-2022-JP"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [130.37.238.20]
Cc: ppsp <ppsp@ietf.org>
Subject: Re: [ppsp] tickets for IETF 83
X-BeenThere: ppsp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: arno@cs.vu.nl
List-Id: discussing to draw up peer to peer streaming protocol <ppsp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ppsp>, <mailto:ppsp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ppsp>
List-Post: <mailto:ppsp@ietf.org>
List-Help: <mailto:ppsp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ppsp>, <mailto:ppsp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 May 2012 06:08:52 -0000

On 15/05/2012 14:45, Picconi Fabio wrote:
> Indeed, I don’t think we should impose a security mechanism on the base 
> protocol. There are existing systems that perform PEX without any 
> security. Even the BitTorrent tracker allows you to spoof somebody and 
> register them in the swarm.
> 

Hi

I agree that one must be able to turn it off, but in public networks one
MUST either turn PEX off or use a secure version, IMHO. Hence, a
secure version must be in the spec. I propose to use the membership
certs which correspond to the signed descriptors from literature.
We should then discuss how certification of peers can be done.

BitTorrent wasn't designed by professionals,  and it appears its PEX
feature is currently being exploited by anti-piracy outfits to attack
the health of swarms ;o)
http://yro.slashdot.org/story/12/05/13/1928215/microsoft-funded-startup-aims-to-kill-bittorrent-traffic

CU,
    Arno

v2.23.0 | Report a Bug | By Email