draft-ietf-mmusic-sdp-srcfilter-04.txt   draft-ietf-mmusic-sdp-srcfilter-05.txt 
Network Working Group Bob Quinn Network Working Group Bob Quinn
INTERNET-DRAFT Celox Networks INTERNET-DRAFT Celox Networks
Category: Standards Track Ross Finlayson Category: Standards Track Ross Finlayson
Expires: October 2003 LIVE.COM Expires: November 2003 LIVE.COM
April 15, 2003 May 15, 2003
Session Description Protocol (SDP) Source Filters Session Description Protocol (SDP) Source Filters
<draft-ietf-mmusic-sdp-srcfilter-04.txt> <draft-ietf-mmusic-sdp-srcfilter-05.txt>
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that other Task Force (IETF), its areas, and its working groups. Note that other
groups may also distribute working documents as Internet-Drafts. groups may also distribute working documents as Internet-Drafts.
skipping to change at line 368 skipping to change at line 368
(e.g., many-to-many). Use of a source-filter excludes some (unknown (e.g., many-to-many). Use of a source-filter excludes some (unknown
or undesirable) senders, which lends itself more to one-to-many or or undesirable) senders, which lends itself more to one-to-many or
few-to-few type multicast applications. few-to-few type multicast applications.
Although these two models have contrasting operational Although these two models have contrasting operational
characteristics and requirements, they can coexist on the same characteristics and requirements, they can coexist on the same
network using the same protocols. Use of source-filters do not network using the same protocols. Use of source-filters do not
corrupt the ASM semantics but provide more control for receivers, corrupt the ASM semantics but provide more control for receivers,
at their discretion. at their discretion.
5. Normative References 5. Security Considerations
[ABNF] Crocker, D., P. Overell, "Augmented BNF for Syntax
Specifications: ABNF," RFC 2234, November 1997.
[REQMNT] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels," BCP 14, RFC 2119, March 1997.
[RTCP-SSM] Chesterfield, J., E. Schooler, J. Ott,
"RTCP Extensions for Single-Source Multicast Sessions
with Unicast Feedback," Work in progress, March 2003.
[SDP] Handley, M., V. Jacobson, C. Perkins,
"SDP: Session Description Protocol,"
Work in Progress, March 2003.
[UTF-8] Yergeau, F., "UTF-8, a transformation format of Unicode
and ISO 10646," RFC 2044, October 1996.
6. Informative References
[CA-96.21] CERT Advisory CA-96.21, "TCP SYN Flooding and IP
Spoofing Attacks," September 1996.
[IGMPv1] Deering, S., "Host Extensions for IP Multicasting,"
RFC 1112 (STD 5), August 1989.
[IGMPv3] Cain, B. et al. "Internet Group Management Protocol,
Version 3,", Work in progress, May 2002.
[MSF API] Thaler, D., B. Fenner, B. Quinn, "Socket Interface
Extensions for Multicast Source Filters,"
Work in progress, July 2002.
[SSM] Bhattacharyya, S. et al., "An Overview of Source-Specific
Multicast (SSM)," Work in progress, October 2002.
7. Security Considerations
See [SDP] for security considerations specific to the Session See [SDP] for security considerations specific to the Session
Description Protocol in general. The central issue relevant to Description Protocol in general. The central issue relevant to
using unicast source address filters is the question of address using unicast source address filters is the question of address
authenticity. authenticity.
Using the source IP address for authentication is weak, since Using the source IP address for authentication is weak, since
addresses are often dynamically assigned and it is possible for a addresses are often dynamically assigned and it is possible for a
sender to "spoof" its source address (i.e., use one other than its sender to "spoof" its source address (i.e., use one other than its
own) in datagrams that it sends. Proper router configuration, own) in datagrams that it sends. Proper router configuration,
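Review bot: In the paragraph just above the new "5. Security Considerations" heading, "Use of source-filters do not corrupt the ASM semantics but provide more control" has a subject-verb mismatch that survives unchanged into -05. The subject is "Use", so it should read "Use of source-filters does not corrupt the ASM semantics but provides more control for receivers".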
skipping to change at line 428 skipping to change at line 391
encouraged to filter traffic so that datagrams with invalid source encouraged to filter traffic so that datagrams with invalid source
addresses are not forwarded (e.g., routers drop datagrams if the addresses are not forwarded (e.g., routers drop datagrams if the
source address is non-local) [CA-96.21]. source address is non-local) [CA-96.21].
Use of FQDNs for either <dest-address> or <src-list> values provides Use of FQDNs for either <dest-address> or <src-list> values provides
a layer of indirection that provides great flexibility. However, it a layer of indirection that provides great flexibility. However, it
also exposes the source-filter to any security inadequacies that the also exposes the source-filter to any security inadequacies that the
DNS system may have. If unsecured, it is conceivable that the DNS DNS system may have. If unsecured, it is conceivable that the DNS
server could return illegitimate addresses. server could return illegitimate addresses.
8. IANA Considerations 6. IANA Considerations
As recommended by [SDP] (Appendix B), the new attribute name As recommended by [SDP] (Appendix B), the new attribute name
"source-filter" should be registered with IANA, as follows: "source-filter" should be registered with IANA, as follows:
The following contact information shall be used for all The following contact information shall be used for all
registrations included here: registrations included here:
Contact: Ross Finlayson Contact: Ross Finlayson
email: finlayson (at) live.com email: finlayson (at) live.com
phone: +1-650-254-1184 phone: +1-650-254-1184
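Review bot: The FQDN paragraph that closes Security Considerations ("If unsecured, it is conceivable that the DNS server could return illegitimate addresses") names the risk but gives an implementer nothing to act on, and -05 carries it over unchanged. Suggest adding a sentence on the consequence for receivers, for example that addresses obtained by resolving a <dest-address> or <src-list> FQDN are only as trustworthy as the DNS response that supplied them, and that a description carrying literal addresses avoids this dependency.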
skipping to change at line 450 skipping to change at line 413
SDP Attribute ("att-field"): SDP Attribute ("att-field"):
Attribute name: source-filter Attribute name: source-filter
Long form: Source Filter Long form: Source Filter
Type of name: att-field Type of name: att-field
Type of attribute: Session level or media level Type of attribute: Session level or media level
Subject to charset: No Subject to charset: No
Purpose: See this document Purpose: See this document
Reference: This document Reference: This document
Values: See this document, and registrations below Values: See this document, and registrations below
In addition, a new sub-registry needs to be set up for the 7. Acknowledgements
"filter-mode" values of the "source-filter" attribute, with the
following registrations created initially: "incl", "excl", as defined
in this document:
Source Filter Mode ("filter-mode"):
Value name: incl
Long name: Inclusion
Reference: This document
Value name: excl
Long name: Exclusion
Reference: This document
9. Acknowledgements
The authors would like to thank Dave Thaler and Mark Handley, whose The authors would like to thank Dave Thaler and Mark Handley, whose
input provided much of the substance of this document. Magnus input provided much of the substance of this document. Magnus
Westerlund also provided valuable feedback during editing. Westerlund also provided valuable feedback during editing.
8. Normative References
[ABNF] Crocker, D., P. Overell, "Augmented BNF for Syntax
Specifications: ABNF," RFC 2234, November 1997.
[REQMNT] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels," BCP 14, RFC 2119, March 1997.
[RTCP-SSM] Chesterfield, J., E. Schooler, J. Ott,
"RTCP Extensions for Single-Source Multicast Sessions
with Unicast Feedback," Work in progress, March 2003.
[SDP] Handley, M., V. Jacobson, C. Perkins,
"SDP: Session Description Protocol,"
Work in Progress, March 2003.
[UTF-8] Yergeau, F., "UTF-8, a transformation format of Unicode
and ISO 10646," RFC 2044, October 1996.
9. Informative References
[CA-96.21] CERT Advisory CA-96.21, "TCP SYN Flooding and IP
Spoofing Attacks," September 1996.
[IGMPv1] Deering, S., "Host Extensions for IP Multicasting,"
RFC 1112 (STD 5), August 1989.
[IGMPv3] Cain, B. et al. "Internet Group Management Protocol,
Version 3,", Work in progress, May 2002.
[MSF API] Thaler, D., B. Fenner, B. Quinn, "Socket Interface
Extensions for Multicast Source Filters,"
Work in progress, July 2002.
[SSM] Bhattacharyya, S. et al., "An Overview of Source-Specific
Multicast (SSM)," Work in progress, October 2002.
10. Authors' Addresses 10. Authors' Addresses
Bob Quinn Bob Quinn
Celox Networks Celox Networks
2 Park Central Drive 2 Park Central Drive
Southborough, MA 01772 Southborough, MA 01772
phone: 508-305-7000 phone: 508-305-7000
email: bquinn (at) celoxnetworks.com email: bquinn (at) celoxnetworks.com
Ross Finlayson Ross Finlayson
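Review bot: In the IANA registration block, the line "Values: See this document, and registrations below" is kept in -05, but the "filter-mode" sub-registry text that followed it in -04 (the "incl" and "excl" registrations) has been removed, so "registrations below" now points at nothing. Either drop "and registrations below" from the Values line or restore the sub-registry request; as it stands, nothing in the visible -05 text asks IANA to record the "incl" and "excl" values.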
skipping to change at line 577 skipping to change at line 563
; in [SDP]. ; in [SDP].
src-list = *(addr SP) addr src-list = *(addr SP) addr
; one or more unicast source addresses (in ; one or more unicast source addresses (in
; standard IPv4 or IPv6 ASCII-notation form) ; standard IPv4 or IPv6 ASCII-notation form)
; or FQDNs. ; or FQDNs.
; addr is as defined in [SDP]. ; addr is as defined in [SDP].
; SP is the ASCII 'space' character ; SP is the ASCII 'space' character
; (0x20, defined in [ABNF]). ; (0x20, defined in [ABNF]).
Expires: October 2003 April 15, 2003 Expires: November 2003 May 15, 2003
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/