The IESG has approved the following document: - 'Host Threats to Protocol Independent Multicast (PIM) ' <draft-ietf-pim-lasthop-threats-04.txt> as an Informational RFC This document is the product of the Protocol Independent Multicast Working Group. The IESG contact persons are David Ward and Ross Callon. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-pim-lasthop-threats-04.txt Technical Summary There has been some analysis of the security threats to the multicast routing infrastructures [RFC4609], some work on implementing confidentiality, integrity and authorization in the multicast payload [RFC3740], and also some analysis of security threats in IGMP/MLD [I-D.daley-magma-smld-prob], but no comprehensive analysis of security threats to PIM at the host-connecting (typically "Local Area Network") links. We define these PIM host threats to include: o Nodes using PIM to attack or deny service to hosts on the same link, o Nodes using PIM to attack or deny service to valid multicast routers on the link, or o Nodes using PIM (Register messages) to bypass the controls of multicast routers on the link. The attacking node is typically a host or a host acting as an illegitimate router. A node originating multicast data can disturb existing receivers of the group on the same link, but this issue is not PIM-specific so it is out of scope. Subverting legitimate routers is out of scope. Security implications on multicast routing infrastructure are described in [RFC4609]. This document analyzes the PIM host-interface vulnerabilities, formulates a few specific threats, proposes some potential ways to mitigate these problems and analyzes how well those methods accomplish fixing the issues. It is assumed that the reader is familiar with the basic concepts of PIM. Working Group Summary Yes, no issues. Document Quality Good review from outside the WG Personnel Dave Ward _______________________________________________ IETF-Announce@ietf.org https://www.ietf.org/mailman/listinfo/ietf-announce
