View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
000395110000-006: MappingsSpecpublic2017-09-15 03:122017-11-07 16:54
ReporterPaul Hunkar Assigned Torandyarmstrong  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Summary0003951: OpenSecureChannel and out of channels
Description

Typically, if a client is trying to open a secure channel, but the device has no secure channels remaining the port is just closed. The specification does not describe this behavior? it does not describe what a client should do if it encounters this?

A device that support 2 connections, gets two valid client connections (that establish session and are using the sessions), then a third valid client connection is attempted. The client only get a closed port, so they retry, and end up trigger a DoS attack, in that they keep retrying (often). Would it not be better to check the opensecurechannel request and if valid return an error -NoSecureChannelAvailable. then the spec can describe that the client should delay (increasing delay) and re-try the connection. Even if the secure channel check is not made and the channel is just closed (which might be ok for protecting against DoS attackes) the client behavior should still be discussed in the specification.

TagsNo tags attached.
Commit Version
Fix Due Date

Activities

Jim Luth

2017-09-26 13:06

administrator   ~0008497

Agreed to add this as a recommendation for a Server. Belongs in Part 6.

randyarmstrong

2017-11-06 04:07

administrator   ~0008640

Fixed in DRAFT 1.04.30

Jim Luth

2017-11-07 16:54

administrator   ~0008651

Agreed to changes edited in Telecon.

Issue History

Date Modified Username Field Change
2017-09-15 03:12 Paul Hunkar New Issue
2017-09-24 18:37 Matthias Damm Assigned To => Matthias Damm
2017-09-24 18:37 Matthias Damm Status new => assigned
2017-09-26 13:06 Jim Luth Note Added: 0008497
2017-09-27 15:41 Matthias Damm Project 10000-004: Services => 10000-006: Mappings
2017-09-27 15:41 Matthias Damm Assigned To Matthias Damm => randyarmstrong
2017-10-31 15:52 Jim Luth Target Version => 1.04
2017-11-06 04:07 randyarmstrong Note Added: 0008640
2017-11-06 04:07 randyarmstrong Status assigned => resolved
2017-11-06 04:07 randyarmstrong Resolution open => fixed
2017-11-07 16:54 Jim Luth Note Added: 0008651
2017-11-07 16:54 Jim Luth Status resolved => closed
2017-11-07 16:54 Jim Luth Fixed in Version => 1.04