Host Threats to Protocol Independent Multicast (PIM)
RFC 5294

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>,
    RFC Editor <rfc-editor@rfc-editor.org>, 
    pim mailing list <pim@ietf.org>, 
    pim chair <pim-chairs@tools.ietf.org>
Subject: Document Action: 'Host Threats to Protocol Independent 
         Multicast (PIM)' to Informational RFC 

The IESG has approved the following document:

- 'Host Threats to Protocol Independent Multicast (PIM) '
   <draft-ietf-pim-lasthop-threats-05.txt> as an Informational RFC

This document is the product of the Protocol Independent Multicast 
Working Group. 

The IESG contact persons are David Ward and Ross Callon.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-pim-lasthop-threats-05.txt

Technical Summary

  There has been some analysis of the security threats to the multicast
   routing infrastructures [RFC4609], some work on implementing
   confidentiality, integrity and authorization in the multicast payload
   [RFC3740], and also some analysis of security threats in IGMP/MLD
   [I-D.daley-magma-smld-prob], but no comprehensive analysis of
   security threats to PIM at the host-connecting (typically "Local Area
   Network") links.

   We define these PIM host threats to include:

   o  Nodes using PIM to attack or deny service to hosts on the same
      link,

   o  Nodes using PIM to attack or deny service to valid multicast
      routers on the link, or

   o  Nodes using PIM (Register messages) to bypass the controls of
      multicast routers on the link.

   The attacking node is typically a host or a host acting as an
   illegitimate router.

   A node originating multicast data can disturb existing receivers of
   the group on the same link, but this issue is not PIM-specific so it
   is out of scope.  Subverting legitimate routers is out of scope.
   Security implications on multicast routing infrastructure are
   described in [RFC4609].

   This document analyzes the PIM host-interface vulnerabilities,
   formulates a few specific threats, proposes some potential ways to
   mitigate these problems and analyzes how well those methods
   accomplish fixing the issues.

   It is assumed that the reader is familiar with the basic concepts of
   PIM.

Working Group Summary

   Yes, no issues.

Document Quality

  Good review from outside the WG

Personnel

   Dave Ward