Re: [anonsec] I-D Action:draft-ietf-btns-connection-latching-06.txt

"Daniel Migault" <mglt.biz@gmail.com> Thu, 10 April 2008 16:31 UTC


This one is really great! Distinction of creation, state transition and
notification with different lines really helps to clarify it!
Daniel


On Thu, Apr 10, 2008 at 5:19 PM, Nicolas Williams <Nicolas.Williams@sun.com>
wrote:

> On Thu, Apr 10, 2008 at 04:22:02PM +0200, Daniel Migault wrote:
> > Maybe there is a solution to drop the SUSPEND state and merge it with the
> > BROKEN state by considering different transition condition from ESTABLISHED
> > to BROKEN.
>
> That's exactly what I did:
>
>   <CREATE_LISTENER_LATCH(3-tuple, ...)>
>                  :
>                  v    <CREATE_CONNECTION_LATCH(5-tuple, ...)>
>             /--------\           :   :
>      +------|LISTENER|......     :   :
>      |      \--------/     :     :   :   +--------------------+
>      |        :            :     :   :   |Legend:             |
>      |        :            :     :   :   | dotted lines denote|
>      |  <conn. trigger event>    :   :   |    latch creation  |
>      |      (e.g., TCP SYN :     :   :   |                    |
>      |       received,     :     :   :   | solid lines denote |
>      |       connect()     :     :   :   |    state transition|
>      |       called, ...)  v     v   :   |                    |
>      |        :        /-----------\ :   | semi-solid lines   |
>      |        :        |ESTABLISHED| :   |    denote async    |
>      |    <conflict>   \-----------/ :   |    notification    |
>      |        :         ^       |    :   +--------------------+
>      |        :         |      <conflict>
>      |        :    <conflict    |    :
>      |        :     cleared>    |    :
>      |        :    (OPTIONAL)   |    :
>      |        :         |       v    v
>      |        :      /----------------\
>      |        :.....>|     BROKEN     |.-.-.-.-.-> <ALERT()>
>      |               \----------------/
>      |                       |
>   <RELEASE_LATCH()>   <RELEASE_LATCH()>
>      |                       |
>      |                       v
>      |                    /------\
>      +------------------->|CLOSED|
>                           \------/
>
> > I don't think we have too many states, and I eventually would add CONNECTION
> > larval state for LC objects. On the other hand, if I really had to drop one
> > state I would rather drop larval state like the LISTEN state.
>
> Check out the above diagram.  I think it's simple enough now.
>
> Nico
> --
>



-- 
Daniel Migault
Orange Labs / Security Lab
+33 (0) 1 45 29 60 52
+33 (0) 6 70 72 69 58
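
The latch state machine from the quoted diagram, written out as an added Python example (not code from this thread or from the draft). The class, function and event names are assumptions of this example, ALERT() is modelled as a direct callback rather than an asynchronous notification, and only the lines drawn in the diagram are encoded as transitions.

```python
from enum import Enum

State = Enum("State", "LISTENER ESTABLISHED BROKEN CLOSED")

# Solid lines of the quoted diagram: (state, event) -> next state.
# Event names are this example's own labels for the <...> annotations.
TRANSITIONS = {
    (State.ESTABLISHED, "conflict"): State.BROKEN,
    (State.BROKEN, "conflict_cleared"): State.ESTABLISHED,  # marked OPTIONAL
    (State.LISTENER, "release_latch"): State.CLOSED,
    (State.BROKEN, "release_latch"): State.CLOSED,
}

class Latch:
    def __init__(self, state, selector, on_alert=None):
        self.state, self.selector, self.on_alert = state, selector, on_alert
        self.history = [state.name]
        self._maybe_alert()

    def _maybe_alert(self):
        # Semi-solid line: entering BROKEN raises ALERT(). The diagram makes
        # this asynchronous; a direct callback stands in for it here.
        if self.state is State.BROKEN and self.on_alert:
            self.on_alert(self)

    def fire(self, event):
        nxt = TRANSITIONS.get((self.state, event))
        if nxt is None:  # no such line in the diagram: refuse, do not guess
            raise ValueError(f"{event!r} not allowed in {self.state.name}")
        self.state = nxt
        self.history.append(nxt.name)
        self._maybe_alert()
        return nxt

    def connection_trigger(self, five_tuple, conflict=False):
        # Dotted lines out of LISTENER: a trigger event (TCP SYN, connect())
        # creates a new connection latch, born BROKEN if there is a conflict.
        if self.state is not State.LISTENER:
            raise ValueError("only a LISTENER latch creates connection latches")
        start = State.BROKEN if conflict else State.ESTABLISHED
        return Latch(start, five_tuple, self.on_alert)

def create_listener_latch(three_tuple, on_alert=None):
    return Latch(State.LISTENER, three_tuple, on_alert)

def create_connection_latch(five_tuple, conflict=False, on_alert=None):
    start = State.BROKEN if conflict else State.ESTABLISHED
    return Latch(start, five_tuple, on_alert)
```

Any event without a drawn line raises `ValueError`, so a latch in CLOSED can never be moved back to a usable state.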