Re: The TCP and UDP checksum algorithm may soon need updating

John C Klensin <john-ietf@jck.com> Mon, 08 June 2020 19:08 UTC

Return-Path: <john-ietf@jck.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8DEFF3A0F02 for <ietf@ietfa.amsl.com>; Mon, 8 Jun 2020 12:08:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 78vwcDTLh3B0 for <ietf@ietfa.amsl.com>; Mon, 8 Jun 2020 12:08:22 -0700 (PDT)
Received: from bsa2.jck.com (ns.jck.com [70.88.254.51]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 49F4E3A0F10 for <ietf@ietf.org>; Mon, 8 Jun 2020 12:07:24 -0700 (PDT)
Received: from [198.252.137.10] (helo=PSB) by bsa2.jck.com with esmtp (Exim 4.82 (FreeBSD)) (envelope-from <john-ietf@jck.com>) id 1jiN72-0006Um-3E; Mon, 08 Jun 2020 15:07:12 -0400
Date: Mon, 08 Jun 2020 15:07:05 -0400
From: John C Klensin <john-ietf@jck.com>
To: Carsten Bormann <cabo@tzi.org>, Nick Hilliard <nick@foobar.org>
cc: ietf@ietf.org
Subject: Re: The TCP and UDP checksum algorithm may soon need updating
Message-ID: <701D43E2D4CCEC304A935A92@PSB>
In-Reply-To: <38EE3FAB-BFA6-4E4C-97EB-BEA1581BDF78@tzi.org>
References: <28A2725D-00F8-4739-8A73-ED176F8EF561@strayalpha.com> <3AA98081-A70E-4076-8096-79FFAEE8A738@huitema.net> <830b91c4-0bb5-af5b-f7b8-c5edd43dc87e@mtcc.com> <4512C1BF-5722-479B-8506-24018610BEAD@strayalpha.com> <5b4ea5ea-e2d6-1a01-3676-dd2a72dbd2c1@mtcc.com> <2C425F1E-2E12-4E47-ACEC-AF4C4A93FA3E@akamai.com> <140429ad-af8b-e03f-a641-1e78b6056fa4@mtcc.com> <D55AFBFD-0D59-4176-B6BD-D6A1801FEC2C@akamai.com> <77B2A0BC-0B4B-4118-A618-CE3F91B976F1@tzi.org> <fe52fd56-86df-26c0-eabf-39a45b293491@foobar.org> <38EE3FAB-BFA6-4E4C-97EB-BEA1581BDF78@tzi.org>
X-Mailer: Mulberry/4.0.8 (Win32)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-SA-Exim-Connect-IP: 198.252.137.10
X-SA-Exim-Mail-From: john-ietf@jck.com
X-SA-Exim-Scanned: No (on bsa2.jck.com); SAEximRunCond expanded to false
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/nCTOr2n3_8UZqVGkO97O0FayGi4>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Jun 2020 19:08:24 -0000


--On Monday, June 8, 2020 20:39 +0200 Carsten Bormann
<cabo@tzi.org> wrote:

>...
> We now have the opportunity to make pervasive use of security;
> nobody knows how long that window of opportunity will stay
> open.  Instead of working on changing checksums, we should go
> for it.

<mini-rant>
While you are going for it just be sure that if the window
closes again, and closes sufficiently hard in some places to ban
the use of encrypted message flows entirely, the community is
not faced with a choice among no Internet, a highly fractionated
Internet with no communications between "crypto ok" and "crypto
prohibited" countries, or trying to limp along using protocols
that are known to be defective because we decided to ignore the
problems with them in favor of putting all of our proverbial
eggs in the pervasive security and encryption basket.
</mini-rant>

    john