[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: C API: minor comments

To: Mark Wahl <M.Wahl@INNOSOFT.COM>
Subject: Re: C API: minor comments
From: "Kurt D. Zeilenga" <kurt@boolean.net>
Date: Mon, 15 Nov 1999 15:11:11 -0800
Cc: "Paul Leach (Exchange)" <paulle@Exchange.Microsoft.com>, mcs@netscape.com, howes@yahoo.com, "Andy Herron (Exchange)" <andyhe@Exchange.Microsoft.com>, "Anoop Anantha (Exchange)" <anoopa@Exchange.Microsoft.com>, kurt@OpenLDAP.Org, ietf-ldapext@netscape.com
In-reply-to: <834.942706190@threadgill.austin.innosoft.com>
References: <"Your message of Mon, 15 Nov 1999 14:43:13 PST." <19398D273324D3118A2B0008C7E9A569051BEAA4@SIT.platinum.corp.microsoft.com>
Resent-date: Mon, 15 Nov 1999 15:12:48 -0800 (PST)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"X1ZaI.A.DDF.nNJM4"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

At 04:49 PM 11/15/99 -0600, Mark Wahl wrote:
>
>> > Implementations of the API SHOULD begin numbering messages with 1, to 
>> > be able to easily distinguish client-generated requests and 
>> > unsolicited
>> > notifications.
>
>> Quite probably a bad idea. It means that the IDs are predictable, making it
>> easier for an attacker to spoof requests or replies. It may not matter as
>> much with LDAP/TCP, but with LDAP/UDP it would.

Replies and Responses can just as easily be spoofed if the IDs are not
predictable.

>> How about suggesting that requests be even and unsolicited notifications be
>> odd?
>
>Unsolicited is zero.  How about this instead:
>
> Implementations of the API SHOULD assign message IDs for client generated
> requests in a range between 1 and 2147483647, to be able to easily 
> distinguish them from unsolicited notifications.

I would suggestion:

  API implementations MUST assign a non-zero message ID for client
  requests.  This ensures that all responses with message ID zero (0)
  will be unsolicited notifications.   Typical API implementations
  increment a counter for each request.

Note: the last sentence is consistent with RFC2251.  If this is
a security risk, I suggest adding a security consideration to
both RFC2251 and this draft stating the applications concerned
about spoofing should utilize a secure transport.

----
Kurt D. Zeilenga		<kurt@boolean.net>
Net Boolean Incorporated	<http://www.boolean.net/>

Follow-Ups:
- Re: C API: minor comments
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.Org>

References:
- RE: C API: minor comments
  - From: "Paul Leach (Exchange)" <paulle@Exchange.Microsoft.com>
- Re: C API: minor comments
  - From: Mark Wahl <M.Wahl@INNOSOFT.COM>

Prev by Date: Re: AuthzIDs or DNs, but not both
Next by Date: Re: C API: minor comments
Index(es):
- Chronological
- Thread