User-Defined Errors for RSVP
draft-ietf-tsvwg-rsvp-user-error-spec-08
Yes
(David Ward)
(Magnus Westerlund)
(Ron Bonica)
No Objection
(Cullen Jennings)
(Jari Arkko)
(Jon Peterson)
(Lars Eggert)
(Lisa Dusseault)
(Ross Callon)
(Russ Housley)
(Tim Polk)
Note: This ballot was opened for revision 08 and is now closed.
Chris Newman Former IESG member
(was No Objection, No Record, Discuss)
Yes
Yes
(2008-06-26)
Unknown
For AUTH48: The new text has a number of typos, like "strngs" and "Descriprion".
David Ward Former IESG member
Yes
Yes
()
Unknown
Magnus Westerlund Former IESG member
Yes
Yes
()
Unknown
Ron Bonica Former IESG member
Yes
Yes
()
Unknown
Cullen Jennings Former IESG member
No Objection
No Objection
()
Unknown
Jari Arkko Former IESG member
(was Discuss)
No Objection
No Objection
()
Unknown
Jon Peterson Former IESG member
No Objection
No Objection
()
Unknown
Lars Eggert Former IESG member
No Objection
No Objection
()
Unknown
Lisa Dusseault Former IESG member
No Objection
No Objection
()
Unknown
Pasi Eronen Former IESG member
No Objection
No Objection
(2008-05-05)
Unknown
Based on Stephen Hanna's SecDir review: especially since RSVP packets don't usually contain ASCII strings, it might be a good idea to say in security considerations that the received string must be processed carefully (as it could contain e.g. control characters, printf format strings, SQL injection, or whatever). Stephen's suggested text: Like any other data received from a partially trusted party, the recipient MUST carefully check the USER_ERROR_SPEC object and its contents to make sure that it does not contain any malformed or illegal values and will not cause any buffer overruns or other processing errors that could cause reliability or security problems. The Error Description should be examined especially carefully if it is to be logged or displayed since it may eventually be processed by other code with poor error handling. Any control characters (bytes with values 0-31 and 127 decimal) or non-ASCII characters (128-255 decimal) MUST be removed. Other characters may need to be removed from the string, depending on the logging system in use and the range of characters that it can accept. If the logging or display system has escaping or another post-processing step that could give special meaning to the characters in the string, protection against injection attacks SHOULD be included in the RSVP code. Typos: In section 3, "Criticial" should be "Critical". In section 4.2, "display of logging" should be "display or logging".
Ross Callon Former IESG member
No Objection
No Objection
()
Unknown
Russ Housley Former IESG member
No Objection
No Objection
()
Unknown
Tim Polk Former IESG member
No Objection
No Objection
()
Unknown