commit f359ae507ceda13489d13ffa05ce39184da39daa parent 3322d96ade6bc348fd7f5987f99920989e1602e0 Author: Elias Summermatter <elias.summermatter@seccom.ch> Date: Thu, 25 Feb 2021 12:02:48 +0100 Added sc section Diffstat:
| M | draft-summermatter-set-union.xml | | | 47 | ++++++++++++++++++++++++++++++++++------------- |
1 file changed, 34 insertions(+), 13 deletions(-)
diff --git a/draft-summermatter-set-union.xml b/draft-summermatter-set-union.xml @@ -2047,37 +2047,58 @@ FUNCTION get_bucket_id (key, number_of_buckets_per_element, ibf_size) <name>Passive Decoding</name> <t>Security considerations for received messages:</t> <dl> - <dt><xref target="messages_demand" format="title" /></dt> + <dt><xref target="messages_ibf" format="title" /></dt> <dd> - xxx + In case an IBF message is received by the peer a active/passive role change + is initiated if the max role change threshold is not reached. In this case all + open demands and offers are waited to be fulfilled to prevent retransmission before switching + to other state. + <!-- IMPLEMENT: What does happen here in the code? --> </dd> - <dt><xref target="messages_offer" format="title" /></dt> + <dt><xref target="messages_inquiry" format="title" /></dt> <dd> - XXXX + In case an inquiry message is received it should be ensured + that an inquiry for an element is just answered once, for this + there needs to be a list with all requested inquiries to prevent + an attacker from a replay attack. </dd> - <dt><xref target="messages_inquiry" format="title" /></dt> + <dt><xref target="messages_demand" format="title" /></dt> <dd> - XXXX + Same action as described for demand message in section + <xref target="security_states_active_decoding" format="title"/>. </dd> - <dt><xref target="messages_done" format="title" /></dt> + <dt><xref target="messages_offer" format="title" /></dt> <dd> - XXXX + Same action as described for offer message in section + <xref target="security_states_active_decoding" format="title"/>. </dd> - <dt><xref target="messages_element" format="title" /></dt> + <dt><xref target="messages_done" format="title" /></dt> <dd> - XXXX + Same action as described for done message in section + <xref target="security_states_active_decoding" format="title"/>. </dd> - <dt><xref target="messages_ibf" format="title" /></dt> + <dt><xref target="messages_elements" format="title" /></dt> <dd> - XXXX + Same action as described for element message in section + <xref target="security_states_active_decoding" format="title"/>. </dd> + </dl> </section> <section anchor="security_states_finish_waiting" numbered="true" toc="default"> <name>Finish Waiting</name> <t> - Bla Bla + In case not all sent demands or inquiries have ben answered in time the operation + has failed and MUST be terminated. </t> + <!-- FIXME: In state diagram in finish closing only Elements can be received. What happens if i receive an offer? --> + <t>Security considerations for received messages:</t> + <dl> + <dt><xref target="messages_elements" format="title" /></dt> + <dd> + Checked as described in section <xref target="security_states_active_decoding" format="title" />. + </dd> + </dl> </section>