I'll add Cc: to PIM wg.
On Thu, 27 Oct 2005, Sam Hartman wrote:
This comment is not a discuss, but I am certainly not thrilled with
the current situation. This document does not define a mandatory to
implement security mechanism. It does tell network administrators how
to use IPsec to secure PIM.
...
So I'm not going to block this document. However we must do better in
the future. The primary purpose of this comment is to say that I'm
not happy with this direction and that the fact that this document
passes IESG review may not be used as a justification that future work
should be allowed through.
In my opinion, there seem to be two main classes of PIM
vulnerabilities:
1) those relating to multicast routing infrastructures (between
routers); these have been described in:
draft-ietf-mboned-mroutesec-04.txt (in rfc-ed queue, waiting for the
pim spec)
2) those relating to the interaction of users/apps and multicast
routing infrastructures; these have been described in (expired) draft:
http://netcore.fi/pekkas/ietf/draft-savola-pim-lasthop-threats-01.txt
(this has been presented and discussed in PIM WG, with decision to
wait and see until the PIM spec is reviewed/approved by the IESG).
While there is no clear, easy-to-use, robust security mechanism for
1), one has been described for 2) in those scenarios where there is
only one multicast router on the LAN.
...
I hope this clarifies what I believe is the PIM protocol threat
"landscape", while the mitigation mechanisms may not be sufficient in
all the cases.
Unfortunately, it seems neither of these drafts is referred to in the PIM
spec.
--
Pekka Savola
Netcore Oy
Systems. Networks. Security.

"You each name yourselves king, yet the kingdom bleeds."
-- George R.R. Martin: A Clash of Kings