Re: [Int-area] Middleboxes to aid the deployment of MPTCP

Joe Touch <touch@isi.edu> Wed, 19 July 2017 19:45 UTC

To: mohamed.boucadair@orange.com, Erik Kline <ek@google.com>
Cc: Tom Herbert <tom@herbertland.com>, Internet Area <int-area@ietf.org>, "tsv-area@ietf.org" <tsv-area@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-area/nQKgVXChLmPeuiOOTVWG3d-G3gI>


On 7/19/2017 11:39 AM, mohamed.boucadair@orange.com wrote:
>> Doing tricks to demonstrate that an attacker (i.e., something that
>> modifies TCP segments on path) can do otherwise should not be considered
>> a viable alternative.
> [Med] We are defining an application proxy that assists the user to maximize the use of its available network resources. The proxy relies on IETF-defined BCPs (defined by behave and tsvwg) to relay TCP packets.
Application proxies don't relay TCP segments. They don't even see TCP
segments.

And they can't work unless the client opens a connection to the proxy;
if the client opens a connection to the server, then intercepting and
modifying the TCP segments in-flight is called an attack on TCP.

Joe