Passa al contenuto principale

4. Security Considerations

This page preserves the original RFC text for the section and adds navigation metadata for the documentation site.

Original RFC Text

4.  Security Considerations

This document introduces credit window flow control mechanisms for
DLEP. These mechanisms expose vulnerabilities similar to existing
DLEP messages. An example of a threat to which flow control might be
susceptible is where a malicious actor masquerading as a DLEP peer
could inject a Credit Window Initialization Data Item that resizes a
credit window to a value that results in a denial of service. Other
possible threats are discussed in the Security Considerations section
of [RFC8175] and are also applicable, but not specific, to flow
control. The transport-layer security mechanisms documented in
[RFC8175], along with the latest version of [BCP195] at the time of
this writing, can be applied to this document. Implementations
following the "networked deployment" model described in Section 4
("Implementation Scenarios") of [RFC8175] SHOULD refer to [BCP195]
for additional details. The Layer 2 security mechanisms documented
in [RFC8175] can also, with some updates, be applied to the
mechanisms defined in this document. Examples of technologies that
can be deployed to secure the Layer 2 link include [IEEE-802.1AE] and
[IEEE-8802-1X].