View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0003951 | 10000-006: Mappings | Spec | public | 2017-09-15 03:12 | 2017-11-07 16:54 |
Reporter | Paul Hunkar | Assigned To | randyarmstrong | ||
Priority | normal | Severity | minor | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Summary | 0003951: OpenSecureChannel and out of channels | ||||
Description | Typically, if a client is trying to open a secure channel, but the device has no secure channels remaining the port is just closed. The specification does not describe this behavior? it does not describe what a client should do if it encounters this? A device that support 2 connections, gets two valid client connections (that establish session and are using the sessions), then a third valid client connection is attempted. The client only get a closed port, so they retry, and end up trigger a DoS attack, in that they keep retrying (often). Would it not be better to check the opensecurechannel request and if valid return an error -NoSecureChannelAvailable. then the spec can describe that the client should delay (increasing delay) and re-try the connection. Even if the secure channel check is not made and the channel is just closed (which might be ok for protecting against DoS attackes) the client behavior should still be discussed in the specification. | ||||
Tags | No tags attached. | ||||
Commit Version | |||||
Fix Due Date | |||||
Date Modified | Username | Field | Change |
---|---|---|---|
2017-09-15 03:12 | Paul Hunkar | New Issue | |
2017-09-24 18:37 | Matthias Damm | Assigned To | => Matthias Damm |
2017-09-24 18:37 | Matthias Damm | Status | new => assigned |
2017-09-26 13:06 | Jim Luth | Note Added: 0008497 | |
2017-09-27 15:41 | Matthias Damm | Project | 10000-004: Services => 10000-006: Mappings |
2017-09-27 15:41 | Matthias Damm | Assigned To | Matthias Damm => randyarmstrong |
2017-10-31 15:52 | Jim Luth | Target Version | => 1.04 |
2017-11-06 04:07 | randyarmstrong | Note Added: 0008640 | |
2017-11-06 04:07 | randyarmstrong | Status | assigned => resolved |
2017-11-06 04:07 | randyarmstrong | Resolution | open => fixed |
2017-11-07 16:54 | Jim Luth | Note Added: 0008651 | |
2017-11-07 16:54 | Jim Luth | Status | resolved => closed |
2017-11-07 16:54 | Jim Luth | Fixed in Version | => 1.04 |