Document Action: 'Security Attacks Found Against SCTP and Current Countermeasures' to Informational RFC
The IESG has approved the following document:
- 'Security Attacks Found Against SCTP and Current Countermeasures'
<draft-ietf-tsvwg-sctpthreat-05.txt> as an Informational RFC
This document is the product of the Transport Area Working Group.
The IESG contact persons are Lars Eggert and Magnus Westerlund.
A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-tsvwg-sctpthreat-05.txt
Technical Summary
The Stream Control Transmission Protocol defined in RFC 2960
is a multi-homed transport protocol. As such, unique
security threats exist that are addressed in various ways
within the protocol itself. This document attempts to detail
the known security threats and their countermeasures as
detailed in the current version of the SCTP Implementers
guide RFC 4460.
Working Group Summary
There is strong consensus in the WG to publish this
document. It has been reviewed by several people in the WG
last call. Comments raised have been addressed.
Protocol Quality
This is not a protocol document, therefore there are no
implementations of what this document offers.
Personnel
James Polk (jmpolk at cisco.com) is the document Shepherd. Lars
Eggert (lars.eggert at nokia.com) is the responsible Area
Director.
Note to RFC Editor
Note: This document assumes that draft-ietf-tsvwg-2960bis
will be assigned the RFC number 4960 that has been reserved
for it. If that for some reason won't happen, parts of the text
need to be adjusted.
Section 1., paragraph 1:
OLD:
using techniques from the SCTP Specification Errata and Issues memo
([RFC4460]). These techniques are included in
^^^^^^^^^^^
NEW:
using techniques from the SCTP Specification Errata and Issues memo
[RFC4460]. These techniques are included in
^^^^^^^^^
Section 1., paragraph 2:
OLD:
This work and some of the changes that went into the [RFC4460] and
^^^
[I-D.ietf-tsvwg-2960bis] are much indebted to the paper on potential
SCTP security risks Effects [effects] by Aura, Nikander and
^^^^^^^^^^^^^^^^^
NEW:
This work and some of the changes that went into [RFC4460] and
^
[I-D.ietf-tsvwg-2960bis] are much indebted to the paper on potential
SCTP security risks [EFFECTS] by Aura, Nikander and
^^^^^^^^^
Section 1., paragraph 3:
OLD:
that were illustrated in Effects [effects] and detail what
^^^^^^^^^^^^^^^^^
NEW:
that were illustrated in [EFFECTS] and detail what
^^^^^^^^^
Section 2.2., paragraph 1:
OLD:
were made in the BSD implementation that are now present in the
^^^
[I-D.ietf-tsvwg-2960bis]. In close examination, this attack depends
NEW:
were made in the BSD implementation that are now present in
^
[I-D.ietf-tsvwg-2960bis]. In close examination, this attack depends
Section 3., paragraph 1:
OLD:
However with the addition of the [I-D.ietf-tsvwg-addip-sctp]
extension to SCTP an endpoint that is NOT a man-in-the-middle may be
able to assume another endpoints association.
NEW:
However, with the addition of the SCTP extension specified in
[I-D.ietf-tsvwg-addip-sctp], an endpoint that is NOT a
man-in-the-middle may be able to assume another endpoints association.
Section 3.2., paragraph 2:
OLD:
1) Both endpoints must support the [I-D.ietf-tsvwg-addip-sctp]
extension.
NEW:
1) Both endpoints must support the SCTP extension specified in
[I-D.ietf-tsvwg-addip-sctp].
Section 3.2., paragraph 3:
OLD:
2) One of the endpoints must be using the [I-D.ietf-tsvwg-addip-sctp]
extension for mobility.
NEW:
2) One of the endpoints must be using the SCTP extension for mobility
specified in [I-D.ietf-tsvwg-addip-sctp].
Section 3.3., paragraph 1:
OLD:
this attack. Furthermore the use of the [I-D.ietf-tsvwg-addip-sctp]
extensions requires the use of the authentication mechanism defined
in [I-D.ietf-tsvwg-sctp-auth].
NEW:
this attack. Furthermore, use of the SCTP extension specified in
[I-D.ietf-tsvwg-addip-sctp] requires the use of the authentication
mechanism defined in [I-D.ietf-tsvwg-sctp-auth].
Section 13.2., paragraph 1:
OLD:
[effects] Aura, T., Nikander, P., and G. Camarillo, "Effects of
^^^^^^^^^
NEW:
[EFFECTS] Aura, T., Nikander, P., and G. Camarillo, "Effects of
^^^^^^^^^