Jouni, The requirement 6 is for access network security, whereas the requirement 7 is for end-to-end security.
Agree; those are the minimum security requirements. But, I’m not sure if it would be better to merge them into one. We cannot stress enough how important these are. ;) Cheers. On Fri, May 18, 2012 at 2:13 AM, jouni korhonen <[email protected]>wrote: > > I would consider grouping REQ-6 and REQ-7 as a minimum security > requirements > for a DMM solution.. > > - Jouni > > On May 7, 2012, at 9:15 PM, h chan wrote: > > > REQ-7: Signaling message protection > > Signaling messages of the protocol solutions for DMM SHALL be protected > in terms of authentication, data integrity, and data confidentiality. Data > confidentiality to signaling messages SHALL be opt-in or opt-out depending > on network environments or user requirements. > > > > REQ-7M (Motivation and problem statement) > > Signaling messages are subject to various attacks since those messages > carry context of a mobile host/router. For instance, a malicious node can > forge and send a number of signaling messages to redirect traffic to a > specific node. The result of such an attack is both the specific node > becomes under a denial of service attack and other nodes do not receive > their traffic. As signaling messages travel over the Internet, the > end-to-end security is required. > > > > > > (The above has been drafted with contributions, inputs and discussions > from various people. Additional contributions and comments are most > welcome.) > > > > H Anthony Chan > > > > > > _______________________________________________ > > dmm mailing list > > [email protected] > > https://www.ietf.org/mailman/listinfo/dmm > > _______________________________________________ > dmm mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dmm > -- RSM Department, TELECOM Bretagne, France Jong-Hyouk Lee, living somewhere between /dev/null and /dev/random #email: jonghyouk (at) gmail (dot) com #webpage: http://sites.google.com/site/hurryon/
_______________________________________________ dmm mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmm
