Return-Path: <lars.eggert@nokia.com>
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix)
 with ESMTP id 636883A68C7 for <ietf@core3.amsl.com>;
 Sat, 14 Feb 2009 02:01:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[AWL=-0.601,
 BAYES_00=-2.599, J_CHICKENPOX_51=0.6, J_CHICKENPOX_81=0.6]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com
 [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id exdtzb4csUHx for
 <ietf@core3.amsl.com>; Sat, 14 Feb 2009 02:01:24 -0800 (PST)
Received: from mail.fit.nokia.com (unknown [IPv6:2001:2060:40:1::123]) by
 core3.amsl.com (Postfix) with ESMTP id 967263A6B44 for <ietf@ietf.org>;
 Sat, 14 Feb 2009 02:01:23 -0800 (PST)
Received: from [192.168.0.199] (cs95200.pp.htv.fi [212.90.95.200])
 (authenticated bits=0) by mail.fit.nokia.com (8.14.3/8.14.3) with ESMTP id
 n1EA1OlG082677 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT);
 Sat, 14 Feb 2009 12:01:24 +0200 (EET) (envelope-from lars.eggert@nokia.com)
Message-Id: <972666D1-3024-4495-A3BC-475B7488DA81@nokia.com>
From: Lars Eggert <lars.eggert@nokia.com>
To: Marshall Eubanks <tme@multicasttech.com>
In-Reply-To: <0B030ADA-F621-4FDF-9CAF-23A27C16E26B@multicasttech.com>
Content-Type: multipart/signed; boundary=Apple-Mail-25-747925186; micalg=sha1;
 protocol="application/pkcs7-signature"
Mime-Version: 1.0 (Apple Message framework v930.3)
Subject: Re: Security Assessment of the Transmission Control Protocol (TCP)
Date: Sat, 14 Feb 2009 12:01:19 +0200
References: <4994A4EB.5030607@gmail.com>
 <0B030ADA-F621-4FDF-9CAF-23A27C16E26B@multicasttech.com>
X-Mailer: Apple Mail (2.930.3)
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0.1
 (mail.fit.nokia.com [212.213.221.39]); Sat, 14 Feb 2009 12:01:25 +0200 (EET)
X-Virus-Scanned: ClamAV 0.94.2/8990/Sat Feb 14 06:27:24 2009 on fit.nokia.com
X-Virus-Status: Clean
Cc: IETF discussion list <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>,
 <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>,
 <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Feb 2009 10:01:26 -0000

--Apple-Mail-25-747925186
Content-Type: text/plain;
	charset=US-ASCII;
	format=flowed;
	delsp=yes
Content-Transfer-Encoding: 7bit

Hi,

On 2009-2-14, at 0:25, Marshall Eubanks wrote:
> If I am reading this correctly the UK Centre for the Protection of
> National Infrastructure
> wants the IETF (or some other body) to produce a "companion document
> to the IETF specifications that discusses the security aspects and
> implications of the protocols, identifies the existing
> vulnerabilities, discusses the possible countermeasures, and analyses
> their respective effectiveness."


during the discussions around the TCP implementation deficiencies  
publicized by the Outpost24 last fall, we discussed with CERT-FI and  
others in that community that the IETF would offer to be the venue for  
publishing such a document. The goal would be to document techniques  
that stack vendors are employing to harden their stacks. They asked us  
to wait until vendors had a chance to deploy patches to the latest  
round of vulnerabilities, and we haven't heard back from them since  
late last year. (Which reminds me to shoot them an email.)

I believe such a document would be fully in scope for TCPM, but  
obviously the involvement of the stack vendors is critical to ensure  
this is a document that has practical relevance.

Lars

> Begin forwarded message:
>
>> From: Fernando Gont <fernando.gont@gmail.com>
>> Date: February 12, 2009 5:38:35 PM EST
>> To: bugtraq@securityfocus.com, full-disclosure@lists.grok.org.uk
>> Subject: Security Assessment of the Transmission Control Protocol
>> (TCP)
>>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA256
>>
>> Hello, folks,
>>
>> The United Kingdom's Centre for the Protection of National
>> Infrastructure has just released the document "Security Assessment of
>> the Transmission Control Protocol (TCP)", on which I have had the
>> pleasure to work during the last few years.
>>
>> The motivation to produce this document is explained in the Preface  
>> of
>> the document as follows:
>>
>> - ---- cut here ----
>> The TCP/IP protocol suite was conceived in an environment that was
>> quite
>> different from the hostile environment they currently operate in.
>> However, the effectiveness of the protocols led to their early
>> adoption
>> in production environments, to the point that to some extent, the
>> current world?s economy depends on them.
>>
>> While many textbooks and articles have created the myth that the
>> Internet protocols were designed for warfare environments, the top
>> level
>> goal for the DARPA Internet Program was the sharing of large service
>> machines on the ARPANET. As a result, many protocol specifications
>> focus
>> only on the operational aspects of the protocols they specify, and
>> overlook their security implications.
>>
>> While the Internet technology evolved since it early inception, the
>> Internet?s building blocks are basically the same core protocols
>> adopted
>> by the ARPANET more than two decades ago.
>>
>> During the last twenty years, many vulnerabilities have been
>> identified
>> in the TCP/IP stacks of a number of systems. Some of them were based
>> on
>> flaws in some protocol implementations, affecting only a reduced
>> number
>> of systems, while others were based in flaws in the protocols
>> themselves, affecting virtually every existing implementation. Even  
>> in
>> the last couple of years, researchers were still working on security
>> problems in the core protocols.
>>
>> The discovery of vulnerabilities in the TCP/IP protocol suite usually
>> led to reports being published by a number of CSIRTs (Computer
>> Security
>> Incident Response Teams) and vendors, which helped to raise awareness
>> about the threats and the best mitigations known at the time the
>> reports
>> were published. Unfortunately, this also led to the documentation of
>> the
>> discovered protocol vulnerabilities being spread among a large
>> number of
>> documents, which are sometimes difficult to identify.
>>
>> For some reason, much of the effort of the security community on the
>> Internet protocols did not result in official documents (RFCs) being
>> issued by the IETF (Internet Engineering Task Force). This basically
>> led
>> to a situation in which ?known? security problems have not always
>> been addressed by all vendors. In addition, in many cases vendors  
>> have
>> implemented quick ?fixes? to the identified vulnerabilities without a
>> careful analysis of their effectiveness and their impact on
>> interoperability.
>>
>> Producing a secure TCP/IP implementation nowadays is a very difficult
>> task, in part because of the lack of a single document that serves
>> as a
>> security roadmap for the protocols. Implementers are faced with the
>> hard
>> task of identifying relevant documentation and differentiating  
>> between
>> that which provides correct advice, and that which provides  
>> misleading
>> advice based on inaccurate or wrong assumptions.
>>
>>
>> There is a clear need for a companion document to the IETF
>> specifications that discusses the security aspects and implications  
>> of
>> the protocols, identifies the existing vulnerabilities, discusses the
>> possible countermeasures, and analyses their respective  
>> effectiveness.
>>
>> This document is the result of a security assessment of the IETF
>> specifications of the Transmission Control Protocol (TCP), from a
>> security point of view. Possible threats are identified and, where
>> possible, countermeasures are proposed. Additionally, many
>> implementation flaws that have led to security vulnerabilities have
>> been
>> referenced in the hope that future implementations will not incur the
>> same problems.
>>
>> This document does not aim to be the final word on the security
>> aspects
>> of TCP. On the contrary, it aims to raise awareness about a number of
>> TCP vulnerabilities that have been faced in the past, those that are
>> currently being faced, and some of those that we may still
>> have to deal with in the future.
>>
>> Feedback from the community is more than encouraged to help this
>> document be as accurate as possible and to keep it updated as new
>> vulnerabilities are discovered.
>> - ---- cut here ----
>>
>> The document is available at CPNI's web site:
>> http://www.cpni.gov.uk/Products/technicalnotes/Feb-09-security-assessment-TCP.aspx
>>
>> Additionally, I have posted a copy of the document on my personal web
>> site: http://www.gont.com.ar
>>
>> Any comments will be more than welcome.
>>
>> Kind regards,
>> - --
>> Fernando Gont
>> e-mail: fernando@gont.com.ar || fgont@acm.org
>> PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
>>
>>
>>
>>
>>
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.9 (GNU/Linux)
>>
>> iQEcBAEBCAAGBQJJlKTFAAoJEJbuqe/Qdv/xbBgH/0CRAO7VttW8IlSs6ocKl8Xi
>> pQkuUZOKAZrkok0T4GOkRPBmIv+5K8ZQT8hBBdTL6TOdZ+LOIHvmwpOMRqosijbm
>> +KXTuHYws/zVbReCZXdYFhHfxRUn75G9s0mafNRpkiQV07hoHpD38UcGJYUnQXNy
>> 7uuV3HXJDENgE0L8pAK8HhgNKlX3clcV3sBJEzHMsvVVT1Jh1XsS+krAD7JguN95
>> nhjOTcTp1Ggq+F6wqucm9Kf193O78REEz/FGeaoPGSDfzD0EBGg4IG1qu6Bo3e++
>> ALLEOhARQJ0l12dC+84N0/mrGBSe45pUbMddT6xZzDXa6INcmTE6dc1VSQL8EAo=
>> =IVlY
>> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Ietf mailing list
> Ietf@ietf.org
> https://www.ietf.org/mailman/listinfo/ietf


--Apple-Mail-25-747925186
Content-Disposition: attachment;
	filename=smime.p7s
Content-Type: application/pkcs7-signature;
	name=smime.p7s
Content-Transfer-Encoding: base64

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIGQDCCAvkw
ggJioAMCAQICEEi7WbMMKa2GLKFpQDaOBQEwDQYJKoZIhvcNAQEFBQAwYjELMAkGA1UEBhMCWkEx
JTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQ
ZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBMB4XDTA4MDgyMzE3NDMzOVoXDTA5MDgyMzE3NDMz
OVowXDEPMA0GA1UEBBMGRWdnZXJ0MQ0wCwYDVQQqEwRMYXJzMRQwEgYDVQQDEwtMYXJzIEVnZ2Vy
dDEkMCIGCSqGSIb3DQEJARYVbGFycy5lZ2dlcnRAbm9raWEuY29tMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAlwQVktJZCY89iU6jcW1XnZQN+aMgF2utCUT3H3ZKB5Jbet1SDWt0md/W
571bHjxtn9CfEJdochNL3l9f1WiJNdVbJ182557Ltx9SojqthpqtA0jKEqo2gqrf+raUj1demmo0
6ocsLqv046CrwidOp6k0RAfvkKPLhD4PD9Nk3oaZuxqBz1wY4u8Q83iWMArDeXiQxfNZnOBz5cDs
VvVjTjitm3VANkbD02tNkwl5AHw7htde4yH8hIwlfzqsAtHBEah3HyOvs9b+gHg2pFz9eS+HuotY
ZKycCweRs8NKXoCg+zAkVYi3zvZEH2VOuPlpMQMrB9+fLWg2UBsTeZ864wIDAQABozIwMDAgBgNV
HREEGTAXgRVsYXJzLmVnZ2VydEBub2tpYS5jb20wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUF
AAOBgQBMdV2U+ryV5t3nuBFH19XKflodN6Bc60GBYHHY/Z0+Cl08Q75qzTt02IILBg+/YVh/fygb
6pFrOm1sFtLN7fENBfbO2VtpFjP2lGUgbXTVT5xGM6+MtqZiBI6LqexAeY6gsd/taoUfy9fZG42d
ciBA9gSGlQjjWQyG8mb5HR8L9jCCAz8wggKooAMCAQICAQ0wDQYJKoZIhvcNAQEFBQAwgdExCzAJ
BgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgG
A1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMg
RGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkGCSqGSIb3
DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw0wMzA3MTcwMDAwMDBaFw0xMzA3
MTYyMzU5NTlaMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5
KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQTCBnzAN
BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxKY8VXNV+065yplaHmjAdQRwnd/p/6Me7L3N9VvyGna9
fww6YfK/Uc4B1OVQCjDXAmNaLIkVcI7dyfArhVqqP3FWy688Cwfn8R+RNiQqE88r1fOCdz0Dviv+
uxg+B79AgAJk16emu59l0cUqVIUPSAR/p7bRPGEEQB5kGXJgt/sCAwEAAaOBlDCBkTASBgNVHRMB
Af8ECDAGAQH/AgEAMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwudGhhd3RlLmNvbS9UaGF3
dGVQZXJzb25hbEZyZWVtYWlsQ0EuY3JsMAsGA1UdDwQEAwIBBjApBgNVHREEIjAgpB4wHDEaMBgG
A1UEAxMRUHJpdmF0ZUxhYmVsMi0xMzgwDQYJKoZIhvcNAQEFBQADgYEASIzRUIPqCy7MDaNmrGcP
f6+svsIXoUOWlJ1/TCG4+DYfqi2fNi/A9BxQIJNwPP2t4WFiw9k6GX6EsZkbAMUaC4J0niVQlGLH
2ydxVyWN3amcOY6MIE9lX5Xa9/eH1sYITq726jTlEBpbNU1341YheILcIRk13iSx0x1G/11fZU8x
ggMQMIIDDAIBATB2MGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAo
UHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIQ
SLtZswwprYYsoWlANo4FATAJBgUrDgMCGgUAoIIBbzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcB
MBwGCSqGSIb3DQEJBTEPFw0wOTAyMTQxMDAxMTlaMCMGCSqGSIb3DQEJBDEWBBQ6nHvCK8E73zFU
Q8QuraRG2nYrSDCBhQYJKwYBBAGCNxAEMXgwdjBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhh
d3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVt
YWlsIElzc3VpbmcgQ0ECEEi7WbMMKa2GLKFpQDaOBQEwgYcGCyqGSIb3DQEJEAILMXigdjBiMQsw
CQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UE
AxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0ECEEi7WbMMKa2GLKFpQDaOBQEw
DQYJKoZIhvcNAQEBBQAEggEAMEW5WkMRh35JMsfkPCn2QurOL+jIZLgookmuLd3GnMG9VDluEm7d
mv9o35MnhumT5U8oMxLEFr+1MSARx4LYoxn6cIAnu5oGw79Bu9FSnXy6xViV64p33wtJPZ//kTd9
AOlLRj1K3O2TZCyGUzS2bao4EUY1FM9Bm6offdtEoR0U4YVu3eIZiofFYECICZXy1Gs8qOZoAW/E
ZfqV13z0Zwrpq/neze3rVwzYqr6jiHUYVx6C8Y/3mZaI6ASLJq+mfuyUs5f4REvc3WYugRqntCGT
xzefJTo2JgtuiaxUTeaGeczCGcLhJ/jOopjY7wU0KLb/bckjU6yU8Tc2Wp4lfAAAAAAAAA==

--Apple-Mail-25-747925186--