An attacker removing group lines using ANAT semantics could make an
end-point establish a higher number of media streams. If the
end-point sends media over all of them, the session bandwidth may
increase dramatically.
It is thus strongly RECOMMENDED that integrity protection be applied
to the SDP session descriptions. For session descriptions carried in
SIP [3], S/MIME is the natural choice to provide such end-to-end
integrity protection, as described in RFC 3261 [3]. Other
applications MAY use a different form of integrity protection.
8. IANA Considerations
The IANA has registered the following new 'semantics' attribute for
the SDP grouping framework [4]:
Semantics Token Reference
--------------------------------- ----- ---------
Alternative Network Address Types ANAT [RFC4091]
ANAT has been registered in the SDP parameters registry under
Semantics for the "group" SDP Attribute.
9. References
9.1. Normative References
[1] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997.
[2] Handley, M. and V. Jacobson, "SDP: Session Description
Protocol", RFC 2327, April 1998.
[3] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A.,
Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP:
Session Initiation Protocol", RFC 3261, June 2002.
[4] Camarillo, G., Eriksson, G., Holler, J., and H. Schulzrinne,
"Grouping of Media Lines in the Session Description Protocol
(SDP)", RFC 3388, December 2002.
[5] Camarillo, G. and J. Rosenberg, "Usage of the Session
Description Protocol (SDP) Alternative Network Address Types
(ANAT) Semantics in the Session Initiation Protocol (SIP)", RFC
4092, June 2005.
9.2. Informative References
[6] Rosenberg, J., "Interactive Connectivity Establishment (ICE): A
Methodology for Network Address Translator (NAT) Traversal for
Multimedia Session Establishment Protocols", Work in Progress,
February 2005.
Authors' Addresses
Gonzalo Camarillo
Ericsson
Hirsalantie 11
Jorvas 02420
Finland
EMail: Gonzalo.Camarillo@ericsson.com
Jonathan Rosenberg
Cisco Systems
600 Lanidex Plaza
Parsippany, NJ 07054
US
EMail: jdrosen@cisco.com
Full Copyright Statement
精品推荐