[openib-general] RE: [dat-discussions] round 2 - proposal for socket based connection model
Caitlin Bestler
caitlinb at broadcom.com
Tue Oct 25 10:31:16 PDT 2005
> -----Original Message-----
> From: Tom Tucker [mailto:tom at opengridcomputing.com]
> Sent: Tuesday, October 25, 2005 10:24 AM
> To: Caitlin Bestler
> Cc: DAT Collaborative; openib-general at openib.org; swg at infinibandta.org
> Subject: Re: [openib-general] RE: [dat-discussions] round 2 -
> proposal for socket based connection model
>
> What does this have to do with the protocol?
>
It's a whopping big security vulnerability.
The application is left with an expectation that the address is
more validated than it is. Admittedly even on an IP network it is
not perfectly authenticated, but with this protocol the remote
address information is far less authenticated and trivially spoofed.
More information about the general
mailing list