Re: [Sip] I-D Action:draft-ietf-sip-fork-loop-fix-08.txt

Wed, 29 Oct 2008 15:08:29 -0700 

This revision attempts to address some concerns raised in IESG review.
If you haven't been tracking this, the details are at:

https://datatracker.ietf.org/idtracker/draft-ietf-sip-fork-loop-fix/

RjS

On Oct 29, 2008, at 5:00 PM, [EMAIL PROTECTED] wrote:
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Session Initiation Protocol Working Group of the IETF.
Title : Addressing an Amplification Vulnerability in Session Initiation Protocol (SIP) Forking Proxies 
        Author(s)       : R. Sparks, et al.
        Filename        : draft-ietf-sip-fork-loop-fix-08.txt
        Pages           : 26
        Date            : 2008-10-29

This document normatively updates RFC 3261, the Session Initiation
Protocol (SIP), to address a security vulnerability identified in SIP
proxy behavior.  This vulnerability enables an attack against SIP
networks where a small number of legitimate, even authorized, SIP
requests can stimulate massive amounts of proxy-to-proxy traffic.
This document strengthens loop-detection requirements on SIP proxies
when they fork requests (that is, forward a request to more than one
destination).  It also corrects and clarifies the description of the
loop-detection algorithm such proxies are required to implement.
Additionally, this document defines a Max-Breadth mechanism for
limiting the number of concurrent branches pursued for any given
request.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-sip-fork-loop- fix-08.txt 

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
<mime-attachment>_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip


_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [EMAIL PROTECTED] for questions on current sip
Use [EMAIL PROTECTED] for new developments on the application of sip

Reply via email to