Presentation is loading. Please wait.

Presentation is loading. Please wait.

ALTO Server Discovery draft-ietf-alto-server-discovery-03 IETF#83, Paris, France 2012-03-29 S. Kiesel, M. Stiemerling, N. Schwan, M. Scharf, H. Song

Published byCuthbert Thomas Modified over 9 years ago

Similar presentations

Presentation on theme: "ALTO Server Discovery draft-ietf-alto-server-discovery-03 IETF#83, Paris, France 2012-03-29 S. Kiesel, M. Stiemerling, N. Schwan, M. Scharf, H. Song"— Presentation transcript:

1 ALTO Server Discovery draft-ietf-alto-server-discovery-03 IETF#83, Paris, France 2012-03-29 S. Kiesel, M. Stiemerling, N. Schwan, M. Scharf, H. Song martin.stiemerling@neclab.eu

2 Updates in -03 Normative Language aligned Addresses items identified by expert review (Thanks to Olafur Gudmundsson) – New section: Operational Considerations – New section: General Security Considerations

3 Items addressing Expert Review Clarifications in Introduction – Goal is to find closest ALTO server – Rational for U-NAPTR is to find URL not only server name – ALTO servers cannot redirect clients to better server New Pre-Conditions - Not in scope: – Best ALTO server for multi-interfaced client – NAT discovery Clarified use of methods to retrieve domain name – „A client SHOULD use the first DNS suffix determined and MAY try other methods in case the U-NAPTR lookup failed.„ – Shortening of domain suffixes reduced to one step

4 Items addressing Expert Review New section: Operational Considerations Reverse DNS lookup Limitations – No unique way of maintaining the DNS tree – Clients must be able to deal with failures of the reverse DNS lookup – Tree climbing is problematic, in particular for IPv6 [RFC4472] – Populating a DNS name space like a reverse tree is a significant administrative DNS overhead – Tree walking raises several issues: Only one step for shortening  Implementers SHOULD consider skipping this step

5 Items addressing Expert Review New section: General Security Considerations Two failures caused by malicious attacks or by configuration problems – Discovery fails even if suitable ALTO server exists  Application performance corresponds to scenario without ALTO guidance  No significant additional security risk – Discovery yields sub-optimal or wrong ALTO server ALTO service useless as no suitable information available Sub-optimal or forged information  Performance problems or potentially unwanted traffic  Disabling of ALTO service as counter measure

6 Next Steps All items addressed?

7 Thank you and Time for your questions!

8 Acks Nico Schwan is partially supported by the ENVISION project (http://www.envision-project.org), a research project supported by the European Commission under its 7th Framework Program (contract no. 248565). The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the ENVISION project or the European Commission. Michael Scharf is supported by the German-Lab project (http://www.german- lab.de) funded by the German Federal Ministry of Education and Research (BMBF). Martin Stiemerling is partially supported by the COAST project (COntent Aware Searching, retrieval and sTreaming, http://www.coast-fp7.eu), a research project supported by the European Commission under its 7th Framework Program contract no. 248036). The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the COAST project or the European Commission.

Download ppt "ALTO Server Discovery draft-ietf-alto-server-discovery-03 IETF#83, Paris, France 2012-03-29 S. Kiesel, M. Stiemerling, N. Schwan, M. Scharf, H. Song"

Similar presentations

Internet Area IPv6 Multi-Addressing, Locators and Paths.

Internet Area IPv6 Multi-Addressing, Locators and Paths.
Multicast Reconfiguration Protocol for Stateless DHCPv6 DHC 61 st IETF S. Daniel Park

Multicast Reconfiguration Protocol for Stateless DHCPv6 DHC 61 st IETF S. Daniel Park
Sweeping lame DNS reverse delegations APNIC16 – DNS Operations SIG Seoul, Korea, 20 August 2003.

Sweeping lame DNS reverse delegations APNIC16 – DNS Operations SIG Seoul, Korea, 20 August 2003.
SACM Terminology Nancy Cam-Winget, David Waltermire, March.

SACM Terminology Nancy Cam-Winget, David Waltermire, March.
Domain Name System. DNS is a client/server protocol which provides Name to IP Address Resolution.

Domain Name System. DNS is a client/server protocol which provides Name to IP Address Resolution.
DirectAccess is an Enterprise Solution: No support for Windows 7 Professional Requires two consecutive public IP addresses Cannot NAT to the DirectAccess.

DirectAccess is an Enterprise Solution: No support for Windows 7 Professional Requires two consecutive public IP addresses Cannot NAT to the DirectAccess.
Flash Crowds And Denial of Service Attacks: Characterization and Implications for CDNs and Web Sites Aaron Beach Cs395 network security.

Flash Crowds And Denial of Service Attacks: Characterization and Implications for CDNs and Web Sites Aaron Beach Cs395 network security.
1 DNS Name Service based on Secure Multicast DNS for IPv6 Mobile Ad-hoc Network Jaehoon Jeong, ETRI ICACT.

1 DNS Name Service based on Secure Multicast DNS for IPv6 Mobile Ad-hoc Network Jaehoon Jeong, ETRI ICACT.
What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.

What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.
DISTRIBUTED PROCESS IMPLEMENTAION BHAVIN KANSARA.

DISTRIBUTED PROCESS IMPLEMENTAION BHAVIN KANSARA.
Infrastructure to Application Exposure - USE CASE: CDN – Jan Seedorf IETF 83, Paris i2aex BoF Monday, March 26 2012 1300-1500.

Infrastructure to Application Exposure - USE CASE: CDN – Jan Seedorf IETF 83, Paris i2aex BoF Monday, March
CORDRA Philip V.W. Dodds March 2004. The “Problem Space” The SCORM framework specifies how to develop and deploy content objects that can be shared and.

CORDRA Philip V.W. Dodds March The “Problem Space” The SCORM framework specifies how to develop and deploy content objects that can be shared and.
Understanding Active Directory

Understanding Active Directory
Event Viewer Was of getting to event viewer Go to –Start –Control Panel, –Administrative Tools –Event Viewer Go to –Start.

Event Viewer Was of getting to event viewer Go to –Start –Control Panel, –Administrative Tools –Event Viewer Go to –Start.
11.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS,

11.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS,
LIS Discovery using IP address and Reverse DNS draft-thomson-geopriv-res-gw-lis-discovery-03 Ray Bellis, Advanced Projects, Nominet UK IETF 77, GeoPriv.

LIS Discovery using IP address and Reverse DNS draft-thomson-geopriv-res-gw-lis-discovery-03 Ray Bellis, Advanced Projects, Nominet UK IETF 77, GeoPriv.
July 18th, 200254th IETF Yokohama A Protocol for Anycast Address Resolving Shingo Ata, Osaka City University Hiroshi Kitamura,

July 18th, th IETF Yokohama A Protocol for Anycast Address Resolving Shingo Ata, Osaka City University Hiroshi Kitamura,
Ch 8-3 Working with domains and Active Directory.

Ch 8-3 Working with domains and Active Directory.
Distributed Computing COEN 317 DC2: Naming, part 1.

Distributed Computing COEN 317 DC2: Naming, part 1.
DHCP: Dual-Stack Issues draft-ietf-dhc-dual-stack-01 Tim Chown dhc WG, IETF 60, San Diego, August 2, 2004.

DHCP: Dual-Stack Issues draft-ietf-dhc-dual-stack-01 Tim Chown dhc WG, IETF 60, San Diego, August 2, 2004.

Similar presentations

Ads by Google