At Wed, 01 Jul 2009 11:01:34 +0800,
Song Haibin wrote:
> >Which of the requirements in this document do you believe fit
> >that description?
>
> What about system security requirement 6, 11 and 12?

For those of you who can't read Word, these are:

> Req. 6: The system must be able to identify repeat and delay attacks

Well, these are both normal functions of a best-effort network, so
I'm not sure how one would determine whether a node was misbehaving.

> Req. 11: An owner of P2PSIP resource (user) record MAY indicate
> which users or network entities can retrieve, modify, and delete
> data stored in their P2PSIP resource (user) records.

I actually think this is a bad idea. Previous experiences with trying
to design access control systems (see WebDAV ACLs) have turned out to
be really overcomplicated. As far as I can tell, this isn't necessary
for the SIP use cases.

> Req. 12: It SHOULD be possible to limit the impact of badly behaving
> P2PSIP nodes on the overall system security. There SHOULD be an
> option to identify malfunctioning or badly behaving nodes, and exclude
> or reject them from the P2PSIP system.

Hmm... It seems to me that this is already possible at least in some
sense: you use short-lived certificates and then refuse to reissue
their certificates. Did you have something else in mind? CRLs?

-Ekr

_______________________________________________
P2PSIP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/p2psip
