Writing Secure SLP Enabled Applications
OpenSLP Programmer's Guide » Misc. Information » Writing Secure SLP Enabled Applications

Introduction

Major changes were made to the OpenSLP 0.8.x codebase to add SLPv2 message authentication support for OpenSLP 0.9.0.  Until this time, there were no plans to ever implement SLPv2 security due to the ideas expressed in a internal Caldera document entitled "OpenSLP and SLPv2 Authentication".  The document (full text available) mostly references and draws conclusions from discussion from the srvloc@srvloc.org mailing list.  The following is the concluding paragraphs of the document.

For those that are not willing to endure the tedium of reading the entire mailing list discussion, the conclusion was eventually made (at least by the author) that though SLP authentication may be appropriate in some specialized SLP deployments, it is probably not beneficial in normal network computer environments.  This conclusion is based on the following premises:
  • Implementation of SLP authentication in the absence of public key infrastructure standards would require enough manual configuration to invalidate all claims SLP has to increased usability.
  • Common helper protocols DNS, DHCP, IP, even ARP are currently insecure for usability reasons.   SLP fits into this category of protocols where lack of security may be considered a feature when it allows for maximal usability.
  • Given the lack of security in the above mentioned (and other) protocols self-established authentication of end to end communication is required anyway for secure communication of network software entities.
  • In the presence of appropriate end to end security mechanisms, SLP related security attacks are limited to the realm of "denial of service" or "disruptions" -- even when no authentication is implemented in SLP.  In other words there is not a risk of compromise of confidential information that can be attributed to SLP as long as appropriate end to end security is established.

So, for the OpenSLP project, there are not any plans to implement SLPv2 security.  (This may change in the future depending on the success of ongoing PKI standardization efforts.)  There are, however, many things that could be done to reduce opportunities for "denial of service attacks" or other malicious SLP related disruptions.  These will be addressed in future versions of OpenSLP.  Also, in order to inform developers about the importance of writing secure applications, plans have been made to include an SLP Security HOWTO as part of the OpenSLP Documentation.

The existence of SLPv2 authentication in OpenSLP does not eliminate the need to provide secure end-to-end communication for service specific protocols   (read the full text of the paper if you don't know what I'm talking about here).  OpenSLP security does not do any good at all if the authentication, integrity, and/or privacy of service specific communication weak.

Who should read this document?

If you are a developer that writes SLP enabled software, you should read this document.  If you are a system or network administrator that is concerned with how to setup and maintain secure SLP installations, you should read the Security section of the OpenSLP Users guide.

*** PLEASE BE PATIENT UNTIL I GET SOME TIME TO WRITE THE REST OF THIS DOCUMENT ***