Richard pointed out that we should cover issues DTLS renegotiation. Recently, as you may have been aware, there have been vulnerabilities discovered with TLS renegotiation. In general, DTLS tends to be less vulnerable to the attacks described, but there still can be issues. During renegotiation new parameters can be renegotiated for the connection and, with most libraries, the application does not know that a change occurred. In general I think it would be best to avoid renegotiation, however this means that in the case of extremely long lived connections the connection will need to be broken and started again at some point.
Below is the text I suggest adding to the security considerations of the document. 8.1 DTLS Renegotiation TLS and DTLS renegotiation may be vulnerable to attacks described in RFC 5746. Although RFC 5746 provides a fix for some of the issues, renegotiation can still cause problems for applications since connection security parameters can change without the application knowing it. There for it is RECOMMENDED that renegotiation be disabled for syslog over DTLS. If, for some reason, renegotiation is allowed then the specification in RFC 5746 MUST be followed and the implementation MUST make sure that the connection security parameters do not change during renegotiation. _______________________________________________ Syslog mailing list [email protected] https://www.ietf.org/mailman/listinfo/syslog
