On Nov 9, 2012, at 10:42 AM, Dean Willis wrote:

> AD asks: section 6.4.2.1: What prevents/detects replay of JoinReq messages?
> If replay worked, then I could cause lots of havoc since the responding peer
> will do a bunch of Stores and Updates.
>
> 6.4.2.2 says "Because leaves may only be executed between nodes which are
> directly adjacent, receiving peers MUST verify that any LeaveReq they receive
> arrives from a transport channel that is bound to the Node-ID to be
> assumed by the leaving peer.) This also prevents replay attacks
> provided that DTLS anti-replay is used.".
>
> There's no such text for JoinReq and I'm not exactly sure that the rest of
> the document prevents routing of LeaveReq or JoinReq.
>
> How do we want to handle this?

I met with Cullen and EKR today on this. The document DOES have text for JoinReq. I will review the document for other incidental mentions of routing of LeaveReq and JoinReq and if I find any, will take steps to fix them. If you are aware of any such text, please point it out to me.

--
Dean

_______________________________________________
P2PSIP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/p2psip
