Re: [Int-area] WG Adoption Call: IP Fragmentation Considered Fragile
Toerless Eckert <tte@cs.fau.de> Mon, 27 August 2018 05:22 UTC
Return-Path: <eckert@i4.informatik.uni-erlangen.de>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 851EB130E6D; Sun, 26 Aug 2018 22:22:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ds6452LSorwT; Sun, 26 Aug 2018 22:22:02 -0700 (PDT)
Received: from faui40.informatik.uni-erlangen.de (faui40.informatik.uni-erlangen.de [IPv6:2001:638:a000:4134::ffff:40]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0AE6B130DE0; Sun, 26 Aug 2018 22:22:01 -0700 (PDT)
Received: from faui48f.informatik.uni-erlangen.de (faui48f.informatik.uni-erlangen.de [IPv6:2001:638:a000:4134::ffff:52]) by faui40.informatik.uni-erlangen.de (Postfix) with ESMTP id 058C854832B; Mon, 27 Aug 2018 07:21:58 +0200 (CEST)
Received: by faui48f.informatik.uni-erlangen.de (Postfix, from userid 10463) id EB0C1440054; Mon, 27 Aug 2018 07:21:57 +0200 (CEST)
Date: Mon, 27 Aug 2018 07:21:57 +0200
From: Toerless Eckert <tte@cs.fau.de>
To: Tom Herbert <tom@herbertland.com>
Cc: Joe Touch <touch@strayalpha.com>, Christian Huitema <huitema@huitema.net>, int-area <int-area@ietf.org>, intarea-chairs@ietf.org
Message-ID: <20180827052157.rvu4tzz2uk2goc3p@faui48f.informatik.uni-erlangen.de>
References: <20180825032457.ol5rlrr7h2kqi6px@faui48f.informatik.uni-erlangen.de> <CALx6S35-n_ROEZv0NReVEWTUhnyc25SNJb5DaeqtnxPAPk6QjQ@mail.gmail.com> <CAF493D3-37A2-4A89-BA88-81567E5B88F1@huitema.net> <538A6193-2BD7-4E72-BD28-736B81F97B33@strayalpha.com> <20180826215558.6hzff2povrxuis3y@faui48f.informatik.uni-erlangen.de> <0A065EE6-463C-4C71-BF12-C0E5A1C51680@strayalpha.com> <20180826233350.kz3q6gzqbq36nn4r@faui48f.informatik.uni-erlangen.de> <810cea0d-809f-040d-bc79-7c7413cd99f2@strayalpha.com> <20180827023513.2bxjrk335al2lbvz@faui48f.informatik.uni-erlangen.de> <CALx6S35MbKF+b8n6Tps1-4NsOA=i_cUD5-mhYt-hSkiQXikx-Q@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CALx6S35MbKF+b8n6Tps1-4NsOA=i_cUD5-mhYt-hSkiQXikx-Q@mail.gmail.com>
User-Agent: NeoMutt/20170113 (1.7.2)
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/-bllZ3OTN0-X3j18Qn188FsGCBs>
Subject: Re: [Int-area] WG Adoption Call: IP Fragmentation Considered Fragile
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-area/>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Aug 2018 05:22:05 -0000
On Sun, Aug 26, 2018 at 08:19:41PM -0700, Tom Herbert wrote: > Toerless, > > I'm not sure what "outsourced into a common network component" means. > I've done a lot of app and OS development and have NEVER once > "outsourced" security to the network. And i worked in a company where for a good while, SOCKS was a key part of the security concept. What do two random people experience data points help here ? ;-) > OSes and apps need to work > across all networks, in any possible environment, so having one > network provide a strict firewall, and in the next one no firewall > doesn't help really help things. Least common denominator for security > is no firewall, and that's what we assume in host development. The main question is what architecture we want for firewalls. IMHO i primarily need one where the firewall operator can be someone else from whoever operates any type of potentially crappy endpoint or endpoint app. If there are perfect security endpoint/e dpoint apps, thats fine, but they are not the problem anyhow. Assuming host development to be security wise good enough to connect to the internet without an external firewall is quite risky for most hosts that are not running the latest Windows/MacOS with good firewall configs. > Or perhaps they don't want to make it work since there is no standard > protocol for hosts to communicate characteristics of traffic with the > network. I think https://datatracker.ietf.org/doc/draft-herbert-fast/ > could be that. subscriber and app-id are probably more important. Cheers Toerless
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Brian E Carpenter
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ole Troan
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ole Troan
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- [Int-area] WG Adoption Call: IP Fragmentation Con… Wassim Haddad
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Black, David
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Templin (US), Fred L
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Brian E Carpenter
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Brian E Carpenter
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Eric Vyncke (evyncke)
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Templin (US), Fred L
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ron Bonica
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ron Bonica
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Mikael Abrahamsson
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Mikael Abrahamsson
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Black, David
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ron Bonica
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Templin (US), Fred L
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Templin (US), Fred L
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Mikael Abrahamsson
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ole Troan
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Fernando Gont
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Mikael Abrahamsson
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Templin (US), Fred L
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Fernando Gont
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ole Troan
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Brian E Carpenter
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ole Troan
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Brian E Carpenter
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Fernando Gont
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Fernando Gont
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ole Troan
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Brian E Carpenter
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Mikael Abrahamsson
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ole Troan
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ole Troan
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Mikael Abrahamsson
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Mikael Abrahamsson
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ole Troan
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ole Troan
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ole Troan
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Mikael Abrahamsson
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ole Troan
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Mikael Abrahamsson
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ole Troan
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ole Troan
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Mikael Abrahamsson
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ole Troan
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ole Troan
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Mikael Abrahamsson
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Wassim Haddad
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Toerless Eckert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Mikael Abrahamsson
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joel Jaeggli
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Christian Huitema
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ole Troan
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Toerless Eckert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Toerless Eckert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Toerless Eckert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Toerless Eckert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Toerless Eckert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Toerless Eckert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Toerless Eckert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Toerless Eckert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Toerless Eckert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ole Troan
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Ole Troan
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Toerless Eckert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Toerless Eckert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Toerless Eckert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… tom
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Christian Huitema
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Christian Huitema
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Templin (US), Fred L
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Tom Herbert
- Re: [Int-area] WG Adoption Call: IP Fragmentation… Joe Touch