
RE: Service level security for RFCOMM: msg#00112

linux.bluez.devel

Subject: RE: Service level security for RFCOMM

Hi Steve,

> > So the question still stands. Should we already force authentication
> > when the peer sends PN CMD?
>
> Actually p412 in the SPEC (v1.1) says:
>
> "On the responding side, if authentication procedures are triggered from
> RFCOMM, this must only be done when receiving a SABM frame, not when
> receiving configuration commands preparing an unopened DLC (Erratum
> 1052)."

This is a clear statement. Thanks for pointing this out.

However this also leads to a security problem, because I can scan the
RFCOMM ports of a remote device without forcing the security mechanism.
I only have to do the PN exchange and then disconnect. What should a
remote device do when a PN CMD comes in for a channel without a service
behind it?

> > You must convince me that this is really needed and a good idea. For
> > what kind of application do you wanna use it?
>
> It's for the same reason as stated above: you don't want the connection
> to succeed unless the security requirements can be met. If you have a
> client in security mode 2 and a server in security mode 1, you want the
> server to see an incoming connection _only_ if authentication/encryption
> have been successfully performed. You _don't_ want the server to see an
> incoming connection which is immediately closed.

Sorry, I don't get the point. Why should a client care about security
mode 2 when it wants to connect to a server in security mode 1? Actually
the server must know what services to protect and not the client. If you
have such a server running, then this is a wrongly designed server from my
point of view.

Regards

Marcel
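
The following is an added example and not part of the original message or of BlueZ: a responder-side check that flags peers which send PN CMD for several DLCIs and then disconnect without ever sending SABM, the pattern the message describes as bypassing the security mechanism. The event tuple format, the addresses and the `min_dlcis` threshold are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample events, not real BlueZ output: (time, peer, event, dlci).
# "PN"   = PN CMD received for an unopened DLC
# "SABM" = SABM received for that DLC (where the spec quote places authentication)
# "DISC" = peer dropped the whole RFCOMM session (dlci is None)
SAMPLE_EVENTS = [
    (0.0, "00:00:00:00:00:0A", "PN", 2),
    (0.1, "00:00:00:00:00:0A", "DISC", None),
    (0.2, "00:00:00:00:00:0A", "PN", 4),
    (0.3, "00:00:00:00:00:0A", "DISC", None),
    (0.4, "00:00:00:00:00:0A", "PN", 6),
    (0.5, "00:00:00:00:00:0A", "PN", 8),
    (0.6, "00:00:00:00:00:0A", "DISC", None),
    (1.0, "00:00:00:00:00:0B", "PN", 2),     # ordinary client: PN then SABM
    (1.1, "00:00:00:00:00:0B", "SABM", 2),
    (5.0, "00:00:00:00:00:0B", "DISC", None),
    (2.0, "00:00:00:00:00:0C", "PN", 4),     # single aborted attempt
    (2.1, "00:00:00:00:00:0C", "DISC", None),
]


def find_pn_only_probes(events, min_dlcis=3):
    """Return {peer: sorted DLCIs} for peers that negotiated at least
    min_dlcis distinct DLCIs with PN CMD and abandoned them before SABM."""
    pending = defaultdict(set)  # peer -> DLCIs with PN but no SABM this session
    probed = defaultdict(set)   # peer -> DLCIs negotiated and then abandoned
    for _ts, peer, kind, dlci in sorted(events, key=lambda e: e[0]):
        if kind == "PN":
            pending[peer].add(dlci)
        elif kind == "SABM":
            # The DLC is really being opened, so authentication can be
            # triggered at this point; it is no longer a PN-only probe.
            pending[peer].discard(dlci)
        elif kind == "DISC":
            # Session ended: whatever was negotiated but never opened
            # counts as abandoned.
            probed[peer] |= pending.pop(peer, set())
    return {p: sorted(d) for p, d in probed.items() if len(d) >= min_dlcis}


if __name__ == "__main__":
    for peer, dlcis in find_pn_only_probes(SAMPLE_EVENTS).items():
        print(f"{peer}: PN without SABM on DLCIs {dlcis}")
```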



