Bug 276 - IPv6 support in XDMCP protocol spec
Summary: IPv6 support in XDMCP protocol spec
Status: RESOLVED FIXED
Alias: None
Product: XStandards
Classification: Unclassified
Component: XDMCP (show other bugs)
Version: X11R6.6
Hardware: All All
: high enhancement
Assignee: Alan Coopersmith
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: 257 277
  Show dependency treegraph
 
Reported: 2004-03-05 23:16 UTC by Alan Coopersmith
Modified: 2004-03-27 17:46 UTC (History)
0 users

See Also:
i915 platform:
i915 features:


Attachments
Proposed changes to XDMCP protocol for IPv6 support (6.06 KB, patch)
2004-03-05 23:17 UTC, Alan Coopersmith
Details | Splinter Review

Description Alan Coopersmith 2004-03-05 23:16:13 UTC
The XDMCP protocol needs several changes for IPv6 address support,
including creation of a new XDM-AUTHENTICATION-2 scheme that can
support addresses larger than 32-bits.
Comment 1 Alan Coopersmith 2004-03-05 23:17:02 UTC
Created attachment 128 [details] [review]
Proposed changes to XDMCP protocol for IPv6 support
Comment 2 Keith Packard 2004-03-06 09:01:34 UTC
I'm a bit confused over the incorporation of 256-bit AES encryption.  Given that
we have no method to secure the X protocol running in this XDM environment, are
we sure it's necessary to add this new encryption mechanism here?  And, how does
using AES affect our ability to gain export permission for the sample
implementation?

Without this change, the only thing we need do to the specification is declare
how the value of N is computed; the specification already allows different
transports to use different data.  It seems like we should be separating the
changes needed to support IPv6 addresses from those which attempt to provide
additional security.

I also don't understand (I'm no encryption expert) what extending T from 32 to
64 bits accomplishes; is there concern that the limited range of T values would
expose the protocol to some replay attacks?
Comment 3 Alan Coopersmith 2004-03-28 11:46:05 UTC
The X.org Architecture Task Force has decided to defer the XDM-AUTHENTICATION-2
changes for now, since there is no implementation to get experience with.  The
remainder of the changes have been adopted for the X11R6.7/XDMCP standard 1.1
release, after 9 months of beta testing the sample implementation and two rounds
of public review of the standards specs.


Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.