Re: [Seamoby] [issue30] How to handle bad MN's authorization Token?
Rajeev Koodli <rajeev@iprg.nokia.com> Sat, 13 December 2003 00:04 UTC
Received: from optimus.ietf.org ([132.151.1.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id TAA04337 for <seamoby-archive@odin.ietf.org>; Fri, 12 Dec 2003 19:04:29 -0500 (EST)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AUxGN-0007uz-Qf for seamoby-archive@odin.ietf.org; Fri, 12 Dec 2003 19:04:04 -0500
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id hBD0437L030431 for seamoby-archive@odin.ietf.org; Fri, 12 Dec 2003 19:04:03 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AUxGN-0007uk-MR for seamoby-web-archive@optimus.ietf.org; Fri, 12 Dec 2003 19:04:03 -0500
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id TAA04295 for <seamoby-web-archive@ietf.org>; Fri, 12 Dec 2003 19:03:58 -0500 (EST)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1AUxGK-0004q7-00 for seamoby-web-archive@ietf.org; Fri, 12 Dec 2003 19:04:00 -0500
Received: from [132.151.1.19] (helo=optimus.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 1AUxGK-0004q3-00 for seamoby-web-archive@ietf.org; Fri, 12 Dec 2003 19:04:00 -0500
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AUxGL-0007uE-Bv; Fri, 12 Dec 2003 19:04:01 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1AUxFW-0007s6-P7 for seamoby@optimus.ietf.org; Fri, 12 Dec 2003 19:03:13 -0500
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id TAA04256 for <seamoby@ietf.org>; Fri, 12 Dec 2003 19:03:05 -0500 (EST)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1AUxFT-0004p6-00 for seamoby@ietf.org; Fri, 12 Dec 2003 19:03:07 -0500
Received: from darkstar.iprg.nokia.com ([205.226.5.69]) by ietf-mx with esmtp (Exim 4.12) id 1AUxFS-0004oe-00 for seamoby@ietf.org; Fri, 12 Dec 2003 19:03:06 -0500
Received: (from root@localhost) by darkstar.iprg.nokia.com (8.11.0/8.11.0-DARKSTAR) id hBD029r25099; Fri, 12 Dec 2003 16:02:09 -0800
X-mProtect: <200312130002> Nokia Silicon Valley Messaging Protection
Received: from rajeev.iprg.nokia.com (205.226.2.90, claiming to be "iprg.nokia.com") by darkstar.iprg.nokia.com smtpdwpAvAm; Fri, 12 Dec 2003 16:02:08 PST
Message-ID: <3FDA56F5.8C43A449@iprg.nokia.com>
Date: Fri, 12 Dec 2003 16:01:58 -0800
From: Rajeev Koodli <rajeev@iprg.nokia.com>
Organization: Nokia Research Center
X-Mailer: Mozilla 4.7 [en] (X11; I; FreeBSD 3.4-RELEASE i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Nakhjiri Madjid-MNAKHJI1 <Madjid.Nakhjiri@motorola.com>
CC: Seamoby CTP Issues <ctp_issues@danforsberg.info>, seamoby@ietf.org
Subject: Re: [Seamoby] [issue30] How to handle bad MN's authorization Token?
References: <EBF631554F9CD7118D0B00065BF34DCB239161@il27exm03.cig.mot.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit
Sender: seamoby-admin@ietf.org
Errors-To: seamoby-admin@ietf.org
X-BeenThere: seamoby@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/seamoby>, <mailto:seamoby-request@ietf.org?subject=unsubscribe>
List-Id: Context Transfer, Handoff Candidate Discovery, and Dormant Mode Host Alerting <seamoby.ietf.org>
List-Post: <mailto:seamoby@ietf.org>
List-Help: <mailto:seamoby-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/seamoby>, <mailto:seamoby-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit
Hi, is your concern message tampering between pAR and nAR ? If so, that should apply to all contexts. I think we address that by saying the routers SHOULD have SAs. Regards, -Rajeev Nakhjiri Madjid-MNAKHJI1 wrote: > Rajeev, > > I don't recall whether there was a message authentication procedure between > the pAR and nAR, if there is none, and the pAR can't verify the authorization > token, then we may open the door to DoS attacks on the pAR. So responding to > nAR may have bad consequences... > If there is no message authentication between nAR and pAR, while you are expecting > the MN to authenticate itself to pAR (to me this is half way solution), then the > pAR should ignore the request. > > Madjid > > -----Original Message----- > From: seamoby-admin@ietf.org [mailto:seamoby-admin@ietf.org]On Behalf Of > Rajeev Koodli > Sent: Monday, December 08, 2003 1:14 PM > To: Seamoby CTP Issues > Cc: seamoby@ietf.org > Subject: Re: [Seamoby] [issue30] How to handle bad MN's authorization > Token? > > John Loughney SEAMOBY-Issues wrote: > > > New submission from John Loughney <john.loughney@nokia.com>: > > > > In case nAR requests the transfer by a CTR message, the pAR must verify > > the MN's authorization token. If this token is unvalid, what do we do ? > > > > Possible solutions: > > > > - nothing ? the pAR does not answer to nAR. > > - pAR indicates the error to nAR: > > * In the CTD message. > > * In a error message which could carry error information. > > > > pAR MUST respond to nAR with an appropriate error. > nAR SHOULD convey the result to the MN. > > -Rajeev > > > > > others ? > > > > ---------- > > category: Editorial > > document: draft-ietf-seamoby-ctp-05.txt > > messages: 39 > > nosy: jloughney > > priority: Should Fix > > status: No Discussion > > title: How to handle bad MN's authorization Token? > > _____________________________________________________________ > > Seamoby CTP Issues <ctp_issues@danforsberg.info> > > <http://danforsberg.info:8080/draft-ietf-seamoby-ctp/issue30> > > _____________________________________________________________ > > > > _______________________________________________ > > Seamoby mailing list > > Seamoby@ietf.org > > https://www1.ietf.org/mailman/listinfo/seamoby > > _______________________________________________ > Seamoby mailing list > Seamoby@ietf.org > https://www1.ietf.org/mailman/listinfo/seamoby _______________________________________________ Seamoby mailing list Seamoby@ietf.org https://www1.ietf.org/mailman/listinfo/seamoby
- RE: [Seamoby] [issue30] How to handle bad MN's au… Nakhjiri Madjid-MNAKHJI1
- RE: [Seamoby] [issue30] How to handle bad MN's au… Nakhjiri Madjid-MNAKHJI1
- Re: [Seamoby] [issue30] How to handle bad MN's au… Rajeev Koodli
- RE: [Seamoby] [issue30] How to handle bad MN's au… Nakhjiri Madjid-MNAKHJI1
- Re: [Seamoby] [issue30] How to handle bad MN's au… Rajeev Koodli
- Re: [Seamoby] [issue30] How to handle bad MN's au… Julien Bournelle