Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Detect and properly respond to subtler RRDP session desynchronization #113

Open
ydahhrk opened this issue Apr 21, 2024 · 0 comments
Open

Detect and properly respond to subtler RRDP session desynchronization #113

ydahhrk opened this issue Apr 21, 2024 · 0 comments
Labels
Urgency: Medium
Milestone
2.0.0-rc1

Comments

@ydahhrk
Copy link
Member

ydahhrk commented Apr 21, 2024

Per RFC 8182, FORT relies on simple checks on the RRDP session and serial to detect session desynchronization. Subtler session desynchronization could be pinpointed by keeping track of the hashes of the recently applied deltas.

This is a protection against incorrectly implemented RRDP servers, not malicious ones. As far as I can tell, the problem is unlikely.

See draft-ietf-sidrops-rrdp-desynchronization for more details.

Currently in development in the draft-spaghetti-sidrops-rrdp-desynchronization branch.
@ydahhrk ydahhrk added this to the 1.6.3 milestone May 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Urgency: Medium
Projects
None yet
Milestone
2.0.0-rc1
Development

No branches or pull requests
1 participant
@ydahhrk