Re: The TCP and UDP checksum algorithm may soon need updating

Richard Barnes <rlb@ipv.sx> Mon, 08 June 2020 19:29 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/LYDCMkZ5SbKFiuXFxjuTO7cNtUM>

The upshot of the message that started this thread is that if you don't put
your eggs in that basket, then the Internet doesn't work.


On Mon, Jun 8, 2020 at 3:09 PM John C Klensin <john-ietf@jck.com> wrote:

>
>
> --On Monday, June 8, 2020 20:39 +0200 Carsten Bormann
> <cabo@tzi.org> wrote:
>
> >...
> > We now have the opportunity to make pervasive use of security;
> > nobody knows how long that window of opportunity will stay
> > open.  Instead of working on changing checksums, we should go
> > for it.
>
> <mini-rant>
> While you are going for it just be sure that if the window
> closes again, and closes sufficiently hard in some places to ban
> the use of encrypted message flows entirely, the community is
> not faced with a choice among no Internet, a highly fractionated
> Internet with no communications between "crypto ok" and "crypto
> prohibited" countries, or trying to limp along using protocols
> that are known to be defective because we decided to ignore the
> problems with them in favor of putting all of our proverbial
> eggs in the pervasive security and encryption basket.
> </mini-rant>
>
>     john
>
>