
Protocol Independent Multicast - Sparse Mode (PIM-SM) Multicast Routing Security Issues and Enhancements
draft-ietf-mboned-mroutesec-04


Document history

Date Rev. By Action
2012-08-22
04 (System) post-migration administrative database adjustment to the No Objection position for Russ Housley
2004-11-24
04 Amy Vezza State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza
2004-11-24
04 Amy Vezza
[Note]: 'This document was already reviewed by the IESG. The authors of this document felt
that they could improve the document significantly by adding a single paragraph.
You will only need to review the added paragraph:
''5.4  Passive Mode for PIM'' html diffs are available from:
http://www.netcore.fi/pekkas/ietf/temp/draft-ietf-mboned-mroutesec-03-diff.html
&
http://www.netcore.fi/pekkas/ietf/temp/draft-ietf-mboned-mroutesec-02-diff.html
(-02 addresses comments raised by ADs)' added by Amy Vezza
2004-11-23
04 Amy Vezza IESG state changed to Approved-announcement sent
2004-11-23
04 Amy Vezza IESG has approved the document
2004-11-23
04 Amy Vezza Closed "Approve" ballot
2004-11-22
04 David Kessens State Changes to Approved-announcement to be sent from Approved-announcement to be sent::Point Raised - writeup needed by David Kessens
2004-10-13
04 (System) New version available: draft-ietf-mboned-mroutesec-04.txt
2004-09-17
04 (System) Removed from agenda for telechat - 2004-09-16
2004-09-16
04 Amy Vezza State Changes to Approved-announcement to be sent::Point Raised - writeup needed from IESG Evaluation by Amy Vezza
2004-09-16
04 Amy Vezza
[Note]: 'This document was already reviewed by the IESG. The authors of this document felt
that they could improve the document significantly by adding a single paragraph.
You will only need to review the added paragraph:
''5.4  Passive Mode for PIM'' html diffs are available from:
http://www.netcore.fi/pekkas/ietf/temp/draft-ietf-mboned-mroutesec-03-diff.html
&
http://www.netcore.fi/pekkas/ietf/temp/draft-ietf-mboned-mroutesec-02-diff.html
(-02 addresses comments raised by ADs)' added by Amy Vezza
2004-09-16
04 Russ Housley [Ballot Position Update] Position for Russ Housley has been changed to No Objection from Discuss by Russ Housley
2004-09-16
04 Russ Housley
[Ballot discuss]
Declaring that all issues associated with confidentiality, authentication,
  integrity, and rogue routers to be out of scope is inappropriate for a
  document with this title.  Either cover the material associated with the
  title or change the title to reflect the material that is covered.

  The Abstract needs to reflect the scope of the document.

  The first paragraph of the Security Considerations needs to be rewritten.
  The tone of the paragraph leads the reader to believe that a thorough
  threat analysis was done, and this is not the case.  The introduction
  declares many areas to be out of scope.
2004-09-16
04 Russ Housley [Ballot Position Update] New position, Discuss, has been recorded for Russ Housley by Russ Housley
2004-09-16
04 Harald Alvestrand [Ballot comment]
Paragraph 5.4 reviewed by John Loughney, Gen-ART
2004-09-16
04 Harald Alvestrand [Ballot Position Update] New position, No Objection, has been recorded for Harald Alvestrand by Harald Alvestrand
2004-09-15
04 Margaret Cullen [Ballot Position Update] New position, No Objection, has been recorded for Margaret Wasserman by Margaret Wasserman
2004-09-10
04 David Kessens
[Note]: 'This document was already reviewed by the IESG. The authors of this document felt
that they could improve the document significantly by adding a single paragraph.
You will only need to review the added paragraph:
''5.4  Passive Mode for PIM''

html diffs are available from:
http://www.netcore.fi/pekkas/ietf/temp/draft-ietf-mboned-mroutesec-03-diff.html
&
http://www.netcore.fi/pekkas/ietf/temp/draft-ietf-mboned-mroutesec-02-diff.html
(-02 addresses comments raised by ADs)' added by David Kessens
2004-09-08
04 Bill Fenner [Ballot Position Update] Position for Bill Fenner has been changed to No Objection from Discuss by Bill Fenner
2004-09-08
04 David Kessens State Changes to IESG Evaluation from IESG Evaluation::AD Followup by David Kessens
2004-09-08
04 David Kessens Placed on agenda for telechat - 2004-09-16 by David Kessens
2004-09-08
04 David Kessens
[Note]: 'This document was already reviewed by the IESG. The authors of this document felt
that they could improve the document significantly by adding a single paragraph.
You will only need to review the added paragraph:
''5.4  Passive Mode for PIM''' added by David Kessens
2004-08-19
03 (System) New version available: draft-ietf-mboned-mroutesec-03.txt
2004-06-28
04 (System) Sub state has been changed to AD Follow up from New Id Needed
2004-06-28
02 (System) New version available: draft-ietf-mboned-mroutesec-02.txt
2004-06-24
04 Amy Vezza State Changes to IESG Evaluation::Revised ID Needed from IESG Evaluation by Amy Vezza
2004-06-24
04 Amy Vezza [Ballot Position Update] Position for Bill Fenner has been changed to Discuss from No Objection by Amy Vezza
2004-06-24
04 Jon Peterson [Ballot Position Update] New position, No Objection, has been recorded for Jon Peterson by Jon Peterson
2004-06-24
04 Thomas Narten [Ballot Position Update] New position, No Objection, has been recorded for Thomas Narten by Thomas Narten
2004-06-24
04 Bill Fenner
[Ballot comment]
I don't understand what the "also" is referring to in the 4th paragraph of section 3.  Is there something that I'm missing that implies a limit to the cases where RPF checks are applicable?

I don't understand section 3.1; the second paragraph says "also note" about something that 3.1.1 is about to describe; perhaps it would better go inside 3.1.1 .  The 3rd paragraph of 3.1 says more or less the same thing as the second half of the 3rd paragraph of 3.1.1, and the one in 3.1.1 is in better context so I'd suggest combining them into the 3.1.1 location.

The 3rd bullet in 3.1.1 says "If the RP does not exist, the join goes to the closest router to the RP" -- the RP does not exist so there is no router closest to it; perhaps it goes to the "closest router to the RP address"?

Section 4.2 consistently uses "unicast-encapsulation" and "unicast-decapsulation" when referring to PIM register encapsulation and decapsulation.  Could it use the term "register" instead of implying it?  (Ideally, I'd like to see "register encapsulation" and "register decapsulation"; if you want to throw the word "unicast" in somewhere I won't object).

In section 5.3, I don't understand any of the descriptions of the token buckets.  They generally follow the form "A rate-limiter which would limit FOO to FOO_MAX per second, with a bucket of FOO_LONG".  The token bucket only limits to FOO_MAX per second once the bucket is emptied, so saying "limit FOO to FOO_MAX per second" is wrong until the bucket is empty.  Perhaps "limit FOO using a token bucket of depth FOO_LONG which refills at FOO_MAX tokens per second"?
2004-06-24
04 Bill Fenner [Ballot Position Update] New position, No Objection, has been recorded for Bill Fenner by Bill Fenner
2004-06-23
04 Alex Zinin
[Ballot comment]
>  o draft-ietf-mboned-mroutesec-01.txt
>    PIM-SM Multicast Routing Security Issues and Enhancements
> (Informational) -
>    5 of 6
>    Token: David Kessens
>    REVIEWER: Joel Halpern

This draft is ready for publication as an Informational RFC.

Minor points:

It is a little odd to find the IPR disclosure in the "Status of this Memo"
section, but I suppose it works.

The wording on the second paragraph of 3.2.1 is accurate, but could be
clearer.  In particular, a sentence indicating that many of these threats
are caused by the control interaction that follows from initial data would
go a long way to clarifying this.

Does "The next revisions of this document" text belong in a document
intended for RFC publication?  (The end of section 5.2)
2004-06-23
04 Alex Zinin [Ballot Position Update] New position, No Objection, has been recorded for Alex Zinin by Alex Zinin
2004-06-23
04 Harald Alvestrand
Hey - I didn't hit any "undefer" button - and anyway, there ain't no such beast.
But the doc should have been undeferred automatically after the previous telechat, so the statechange is OK.
2004-06-23
04 Harald Alvestrand [Note]: 'IESG RED TEAM' added by Harald Alvestrand
2004-06-23
04 Harald Alvestrand State Changes to IESG Evaluation from IESG Evaluation - Defer by Harald Alvestrand
2004-06-10
04 Scott Hollenbeck [Ballot Position Update] Position for Scott Hollenbeck has been changed to No Objection from Undefined by Scott Hollenbeck
2004-06-10
04 Scott Hollenbeck
[Ballot comment]
Introduction, second paragraph: I don't understand if the author is trying to say that "ensuring confidentiality, authentication and integrity of multicast groups and traffic is out of the scope" of this document and one should refer to [9], or if it's out of scope of [9].  The latter doesn't make much sense, but the text could be worded better to make the point clear.  Something like "ensuring confidentiality, authentication and integrity of multicast groups and traffic is out of scope; please see [9] for details" would be better.
2004-06-10
04 Scott Hollenbeck
[Ballot comment]
Introduction, second paragraph: I don't understand if the author is trying to say that "ensuring confidentiality, authentication and integrity of multicast groups and traffic is out of the scope" of this document and one should refer to [9], or if it's out of scope of [9].  The latter doesn't make much sense, but the text could be worded better to make the point clear.  Something like "ensuring confidentiality, authentication and integrity of multicast groups and traffic is out of the scope; please see [9] for details" would be better.
2004-06-10
04 Scott Hollenbeck [Ballot Position Update] New position, Undefined, has been recorded for Scott Hollenbeck by Scott Hollenbeck
2004-06-10
04 David Kessens [Ballot Position Update] New position, Yes, has been recorded for David Kessens by David Kessens
2004-06-10
04 Bill Fenner State Changes to IESG Evaluation - Defer from IESG Evaluation by Bill Fenner
2004-06-09
04 Steven Bellovin
[Ballot comment]
2: Expand RP

3: Expand BSR

There should probably be some discussion of adding authentication to the various multicast protocols.  To be sure, that could lead to a CPU DoS -- but that should be discussed, too.
2004-06-09
04 Steven Bellovin [Ballot Position Update] New position, No Objection, has been recorded for Steve Bellovin by Steve Bellovin
2004-06-09
04 Ted Hardie
[Ballot comment]
In the summary of threats, I wonder if it might not be better to use "resistant, highly resistant, not resistant, somewhat resistant" instead of good, bad, mediocre, very good and very bad.  As it stands, the table is pretty easy to misread.
2004-06-09
04 Ted Hardie [Ballot Position Update] New position, No Objection, has been recorded for Ted Hardie by Ted Hardie
2004-06-09
04 Amy Vezza Ballot has been issued by Amy Vezza
2004-06-09
04 Amy Vezza Created "Approve" ballot
2004-06-09
04 (System) Ballot writeup text was added
2004-06-09
04 (System) Last call text was added
2004-06-09
04 (System) Ballot approval text was added
2004-06-03
04 David Kessens Placed on agenda for telechat - 2004-06-10 by David Kessens
2004-06-03
04 David Kessens State Changes to IESG Evaluation from AD Evaluation by David Kessens
2004-05-26
04 David Kessens State Changes to AD Evaluation from Publication Requested by David Kessens
2004-05-21
04 Dinara Suleymanova Draft Added by Dinara Suleymanova
2004-05-19
01 (System) New version available: draft-ietf-mboned-mroutesec-01.txt
2004-04-16
00 (System) New version available: draft-ietf-mboned-mroutesec-00.txt