1 / 8

ALTO Server Discovery draft-ietf-alto-server-discovery-03 IETF#83, Paris, France 2012-03-29

ALTO Server Discovery draft-ietf-alto-server-discovery-03 IETF#83, Paris, France 2012-03-29. S. Kiesel, M. Stiemerling , N. Schwan, M. Scharf , H. Song martin.stiemerling@neclab.eu. Updates in -03. Normative Language aligned

tomai
Télécharger la présentation

ALTO Server Discovery draft-ietf-alto-server-discovery-03 IETF#83, Paris, France 2012-03-29

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ALTO Server Discoverydraft-ietf-alto-server-discovery-03IETF#83, Paris, France2012-03-29 S. Kiesel, M. Stiemerling, N. Schwan,M. Scharf, H. Song martin.stiemerling@neclab.eu

  2. Updates in -03 • Normative Language aligned • Addresses items identified by expert review(Thanks to Olafur Gudmundsson) • New section: Operational Considerations • New section: General Security Considerations

  3. Items addressing Expert Review • Clarifications in Introduction • Goal is to find closest ALTO server • Rational for U-NAPTR is to find URL not only server name • ALTO servers cannot redirect clients to better server • New Pre-Conditions - Not in scope: • Best ALTO server for multi-interfaced client • NAT discovery • Clarified use of methods to retrieve domain name • „A client SHOULD use the first DNS suffix determined and MAY try other methods in case the U-NAPTR lookup failed.„ • Shortening of domain suffixes reduced to one step

  4. Items addressing Expert Review New section: Operational Considerations • Reverse DNS lookup Limitations • No unique way of maintaining the DNS tree • Clients must be able to deal with failures of the reverse DNS lookup • Tree climbing is problematic, in particular for IPv6 [RFC4472] • Populating a DNS name space like a reverse tree is a significant administrative DNS overhead • Tree walking raises several issues: Only one step for shortening  Implementers SHOULD consider skipping this step

  5. Items addressing Expert Review New section: General Security Considerations • Two failures caused by malicious attacks or by configuration problems • Discovery fails even if suitable ALTO server exists Application performance corresponds to scenario without ALTO guidance No significant additional security risk • Discovery yields sub-optimal or wrong ALTO server • ALTO service useless as no suitable information available • Sub-optimal or forged information Performance problems or potentially unwanted traffic  Disabling of ALTO service as counter measure

  6. Next Steps • All items addressed?

  7. Thank youand Time for your questions!

  8. Acks • Nico Schwan is partially supported by the ENVISION project (http://www.envision-project.org), a research project supported by the European Commission under its 7th Framework Program (contract no. 248565). The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the ENVISION project or the European Commission. • Michael Scharf is supported by the German-Lab project (http://www.german-lab.de) funded by the German Federal Ministry of Education and Research (BMBF). • Martin Stiemerling is partially supported by the COAST project (COntent Aware Searching, retrieval and sTreaming, http://www.coast-fp7.eu), a research project supported by the European Commission under its 7th Framework Program contract no. 248036). The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the COAST project or the European Commission.

More Related