--- 1/draft-ietf-manet-olsrv2-dat-metric-11.txt	2015-12-15 12:15:07.244752760 -0800
+++ 2/draft-ietf-manet-olsrv2-dat-metric-12.txt	2015-12-15 12:15:07.284753721 -0800
@@ -1,19 +1,19 @@
 
 MANET                                                           H. Rogge
 Internet-Draft                                           Fraunhofer FKIE
 Intended status: Experimental                                E. Baccelli
 Expires: June 17, 2016                                             INRIA
                                                        December 15, 2015
 
    Packet Sequence Number based directional airtime metric for OLSRv2
-                 draft-ietf-manet-olsrv2-dat-metric-11
+                 draft-ietf-manet-olsrv2-dat-metric-12
 
 Abstract
 
    This document specifies an Directional Airtime (DAT) link metric for
    usage in OLSRv2.
 
 Status of This Memo
 
    This Internet-Draft is submitted in full conformance with the
    provisions of BCP 78 and BCP 79.
@@ -70,21 +70,21 @@
    12. IANA Considerations . . . . . . . . . . . . . . . . . . . . .  14
    13. Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .  14
    14. References  . . . . . . . . . . . . . . . . . . . . . . . . .  15
      14.1.  Normative References . . . . . . . . . . . . . . . . . .  15
      14.2.  Informative References . . . . . . . . . . . . . . . . .  15
    Appendix A.  Future work  . . . . . . . . . . . . . . . . . . . .  16
    Appendix B.  OLSR.org metric history  . . . . . . . . . . . . . .  17
    Appendix C.  Linkspeed stabilization  . . . . . . . . . . . . . .  18
    Appendix D.  Packet loss hysteresis . . . . . . . . . . . . . . .  18
    Appendix E.  Example DAT values . . . . . . . . . . . . . . . . .  19
-   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  19
+   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  20
 
 1.  Introduction
 
    One of the major shortcomings of Optimized Link State Routing (OLSR)
    [RFC3626] is the lack of a granular link cost metric between OLSR
    routers.  Operational experience with OLSR networks gathered since
    its publication has revealed that wireless networks links can have
    highly variable and heterogeneous properties.  This makes a hopcount
    metric insufficient for effective OLSR routing.
 
@@ -608,42 +608,44 @@
    9.  add(L_DAT_received, 0)
 
    The calculated L_in_metric value should be stabilized by a hysteresis
    function.  See Appendix D for an example.
 
 11.  Security Considerations
 
    Artificial manipulation of metrics values can drastically alter
    network performance.  In particular, advertising a higher L_in_metric
    value may decrease the amount of incoming traffic, while advertising
-   lower L_in_metric may increase the amount of incoming traffic.  By
-   artificially increasing or decreasing the L_in_metric values it
-   advertises, a rogue router may thus attract or repulse data traffic.
-   A rogue router may then potentially degrade data throughput by not
-   forwarding data as it should or redirecting traffic into routing
-   loops or bad links.  It might also attract traffic for "Man in the
-   Middle" attacks or traffic analysis.
-
-   An attacker might also inject packets with incorrect packet level
-   sequence numbers, pretending to be somebody else.  This attack can be
-   prevented by the true originator of the RFC5444 packets by adding a
-   [RFC7182] ICV Packet TLV and TIMESTAMP Packet TLV to each packet.
-   This allows the receiver to drop all incoming packets which have a
-   forged packet source, both packets generated by the attacker or
-   replayed packets.  The security mechanism described in [RFC7183] does
-   not protect the sequence number used by the DAT metric because it
-   does only sign the RFC5444 messages, not the RFC5444 packet header
-   (which contains the RFC5444 packet sequence number).
+   lower L_in_metric may increase the amount of incoming traffic.
 
-   Protection mechanisms against "Man in the Middle" attacks are
+   For example, by thus artificially attracting mesh routes and then
+   dropping the incoming traffic, an attacker may achieve a Denial of
+   Service (DoS) against other mesh nodes.  Similarly, an attacker may
+   achieve Man in the Middle (MITM) attacks or traffic analysis by
+   concentrating traffic being router over a node the attacker controls
+   (and end-to-end encryption is not used or somehow broken).
+   Protection mechanisms against such MITM or DoS attacks are
    nevertheless out of scope of this document.
 
+   Security threats also include potential attacks on the integrity of
+   the control traffic passively monitored by DAT to measure link
+   quality.  For example, an attacker might inject packets pretending to
+   be somebody else, and using incorrect sequence numbers.  This attack
+   can be prevented by the true originator of the RFC5444 packets by
+   adding a [RFC7182] ICV Packet TLV and TIMESTAMP Packet TLV to each
+   packet.  This allows the receiver to drop all incoming packets which
+   have a forged packet source, both packets generated by the attacker
+   or replayed packets.  However, the security mechanism described in
+   [RFC7183] does not protect the sequence number used by the DAT metric
+   because it does only sign the RFC5444 messages, not the RFC5444
+   packet header (which contains the RFC5444 packet sequence number).
+
 12.  IANA Considerations
 
    This document has no actions for IANA.
 
 13.  Acknowledgements
 
    The authors would like to acknowledge the network administrators from
    Freifunk Berlin [FREIFUNK] and Funkfeuer Vienna [FUNKFEUER] for
    endless hours of testing and suggestions to improve the quality of
    the original ETX metric for the OLSR.org routing daemon.