RE: UDP+Fragmentation (was: "Deprecate")
"C. M. Heard" <heard@pobox.com> Mon, 19 August 2013 02:57 UTC
Date: Sun, 18 Aug 2013 19:57:37 -0700
From: "C. M. Heard" <heard@pobox.com>
To: IPv6 <ipv6@ietf.org>
Subject: RE: UDP+Fragmentation (was: "Deprecate")
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>

On Tue, 6 Aug 2013, Templin, Fred L wrote:
> One other thing for now is that Mike's proposal doesn't even
> address the attack vector that 'draft-bonica-6man-frag-deprecate'
> is concerned about. To address the tiny fragment concern, the
> protocol must ensure that tiny fragments cannot ever be created.

That is incorrect, or at least a red herring. As
draft-bonica-6man-frag-deprecate Section 2.3 points out, tiny
IP-layer fragments are a problem because they can be crafted so that
the L4 header, or a significant part thereof, does not appear in the
initial IP fragment. In the proposal I floated (or variants thereof,
like a UDP replacement with a new protocol number) where L4 segments
are used _instead_ of IP fragments that cannot happen, because the
L4 header appears in front of _each_ segment -- just as with TCP.

Tiny transport layer _segments_ have not been identified as a
problem.

//cmh
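
Added example, not part of the original message or of any draft: a Python check a filter could apply to raw IPv6 packets, showing that a first fragment may end before the L4 header and that a later fragment carries none, while an unfragmented datagram (or a self-contained L4 segment) always exposes it. The function names, result labels and sample packets are constructed for illustration.

```python
import struct

EXT = {0, 43, 60}        # Hop-by-Hop, Routing, Destination Options
FRAG = 44                # Fragment header
L4_MIN = {6: 20, 17: 8}  # minimum TCP / UDP header length in bytes

def classify(pkt):
    """Say whether a stateless filter can see this packet's L4 header."""
    if len(pkt) < 40 or pkt[0] >> 4 != 6:
        return "not-ipv6"
    nh, off, frag_off = pkt[6], 40, None
    while nh in EXT or nh == FRAG:       # walk the extension header chain
        if off + 8 > len(pkt):
            return "truncated-chain"
        if nh == FRAG:
            frag_off = struct.unpack_from("!H", pkt, off + 2)[0] >> 3
            if frag_off:
                return "non-first-fragment"  # no header chain to inspect
            step = 8
        else:
            step = (pkt[off + 1] + 1) * 8
        nh, off = pkt[off], off + step
    need = L4_MIN.get(nh)
    if need is None:
        return "other-l4"
    if len(pkt) - off < need:
        return "tiny-first-fragment" if frag_off == 0 else "truncated-l4"
    return "l4-visible"

# --- constructed sample packets (2001:db8::/32 documentation prefix) ---
def ipv6(nh, payload):
    addr = bytes.fromhex("20010db8" + "00" * 11)
    return (struct.pack("!IHBB", 6 << 28, len(payload), nh, 64)
            + addr + b"\x01" + addr + b"\x02" + payload)

def frag(nh, offset, more):
    return struct.pack("!BBHI", nh, 0, (offset << 3) | more, 0x1234)

UDP = struct.pack("!HHHH", 53000, 53, 13, 0) + b"hello"  # checksum left 0
DESTOPT = bytes([17, 0, 1, 4, 0, 0, 0, 0])  # next header UDP, one PadN

SAMPLES = {
    "whole": ipv6(17, UDP),                       # L4 header in the packet
    "first": ipv6(44, frag(60, 0, 1) + DESTOPT),  # ends before UDP header
    "second": ipv6(44, frag(60, 1, 0) + UDP),     # offset 1 (8-byte units)
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(name, classify(pkt))
```
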