Re: [multipathtcp] High-level design decisions /architecture
<philip.eardley@bt.com> Wed, 04 November 2009 17:01 UTC
Return-Path: <philip.eardley@bt.com>
X-Original-To: multipathtcp@core3.amsl.com
Delivered-To: multipathtcp@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AC97728C0DE for <multipathtcp@core3.amsl.com>; Wed, 4 Nov 2009 09:01:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.795
X-Spam-Level:
X-Spam-Status: No, score=-2.795 tagged_above=-999 required=5 tests=[AWL=0.204, BAYES_00=-2.599, J_CHICKENPOX_72=0.6, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wWqaU46d6K94 for <multipathtcp@core3.amsl.com>; Wed, 4 Nov 2009 09:01:34 -0800 (PST)
Received: from smtp1.smtp.bt.com (smtp1.smtp.bt.com [217.32.164.137]) by core3.amsl.com (Postfix) with ESMTP id 7D2763A657C for <multipathtcp@ietf.org>; Wed, 4 Nov 2009 09:01:33 -0800 (PST)
Received: from E03MVB1-UKBR.domain1.systemhost.net ([193.113.197.110]) by smtp1.smtp.bt.com with Microsoft SMTPSVC(6.0.3790.3959); Wed, 4 Nov 2009 17:01:55 +0000
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 04 Nov 2009 17:00:54 -0000
Message-ID: <4A916DBC72536E419A0BD955EDECEDEC06363A78@E03MVB1-UKBR.domain1.systemhost.net>
In-Reply-To: <4AEF32BB.7020103@it.uc3m.es>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [multipathtcp] High-level design decisions /architecture
Thread-Index: Acpb8qCBwu80Q2GMTny0tYGiXkMvagBfO95A
From: philip.eardley@bt.com
To: multipathtcp@ietf.org
X-OriginalArrivalTime: 04 Nov 2009 17:01:55.0025 (UTC) FILETIME=[8312D410:01CA5D70]
Subject: Re: [multipathtcp] High-level design decisions /architecture
X-BeenThere: multipathtcp@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Multi-path extensions for TCP <multipathtcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/multipathtcp>
List-Post: <mailto:multipathtcp@ietf.org>
List-Help: <mailto:multipathtcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Nov 2009 17:01:35 -0000
>From the Security discussion it seems: - the WG needs to describe /analyse threats as soon as possible. Do people think that http://www.ietf.org/id/draft-bagnulo-mptcp-threat-00.txt is a reasonable starting point for this? - until the threat analysis doc has progressed a bit, it is too early to agree on the security mechanism. We will have to wait & see whether we can decide this in Feb/March. phil > -----Original Message----- > From: marcelo bagnulo braun [mailto:marcelo@it.uc3m.es] > Sent: 02 November 2009 19:28 > To: Eardley,PL,Philip,DEE1 R > Cc: multipathtcp@ietf.org > Subject: Re: [multipathtcp] High-level design decisions /architecture > > philip.eardley@bt.com escribió: > > > > Security > > > > ====== > > > > * exchange a token in the initial SYN for the MPTCP connection, > > and include the token when subflows /paths are added to the > > connection > > o [Question: Is the same token used whether the sender or > > receiver (of the MPTCP connection) adds the subflow? Is > > the same technique used for removing subflows? And closing > > connections, ie DATA FIN?] > > > > I have been thinking about alternatives mechanisms that without > requiring heavy crypto would remove the threats from passive on path > attackers that can laucnhh attacks to the token based security (and > require the attacker to actively change the traffic in order to launch > the attack). I think this could be worth considering since the work > required by the > I haven't been able to write an ID about that just yet, but i was hoping > to do something in the few next weeks. > > Regards, marcelo > > > > > o > > > > > > > > > > * security mechanisms will not interfere with end-to-end > > authentication etc and will be compatible with legacy middleboxes > > > > Modularity > > > > ======== > > > > · the architecture has 2 components, multipath scheduler & path > > manager - meaning that improved /different modules of each can be > > slotted in > > > > o [Comment: it is unclear from the Architecture i-d how the congestion > > control & protocol i-ds map to these components; some of the text > > (strangely?) appears in a section about implementation] > > > > o [Question: what are the mechanisms for evolvability? How is it > > negotiated which new module (for congestion control or path manager) > > to use?] > > > > o [Question: this would seem to imply we need to define an interface > > between the modules?] > > > > · there is a default path manager module, meaning it is the MUST > > fall-back option > > > > o [Comment: the charter restricts us - the path manager we work on > > will distinguish paths by multiple addresses] > > > > ------------------------------------------------------------------------ > > > > _______________________________________________ > > multipathtcp mailing list > > multipathtcp@ietf.org > > https://www.ietf.org/mailman/listinfo/multipathtcp > >
- [multipathtcp] High-level design decisions /archi… philip.eardley
- Re: [multipathtcp] High-level design decisions /a… marcelo bagnulo braun
- Re: [multipathtcp] High-level design decisions /a… William Herrin
- Re: [multipathtcp] High-level design decisions /a… marcelo bagnulo braun
- Re: [multipathtcp] High-level design decisions /a… William Herrin
- Re: [multipathtcp] High-level design decisions /a… Joe Touch
- Re: [multipathtcp] High-level design decisions /a… Joe Touch
- Re: [multipathtcp] High-level design decisions /a… Mark Handley
- Re: [multipathtcp] High-level design decisions /a… Joe Touch
- Re: [multipathtcp] High-level design decisions /a… Lars Eggert
- Re: [multipathtcp] High-level design decisions /a… Yoshifumi Nishida
- [multipathtcp] This shim6 part of the answer (was… marcelo bagnulo braun
- [multipathtcp] The MPTCP part (was Re: High-level… marcelo bagnulo braun
- Re: [multipathtcp] High-level design decisions /a… marcelo bagnulo braun
- Re: [multipathtcp] High-level design decisions /a… Scott Brim
- Re: [multipathtcp] High-level design decisions /a… Scott Brim
- Re: [multipathtcp] High-level design decisions /a… Scott Brim
- Re: [multipathtcp] High-level design decisions /a… Joe Touch
- Re: [multipathtcp] High-level design decisions /a… Joe Touch
- Re: [multipathtcp] High-level design decisions /a… Joe Touch
- Re: [multipathtcp] High-level design decisions /a… Costin Raiciu
- Re: [multipathtcp] High-level design decisions /a… Joe Touch
- Re: [multipathtcp] High-level design decisions /a… Mark Handley
- Re: [multipathtcp] High-level design decisions /a… Costin Raiciu
- Re: [multipathtcp] High-level design decisions /a… Costin Raiciu
- Re: [multipathtcp] High-level design decisions /a… Ford, Alan
- Re: [multipathtcp] High-level design decisions /a… Ford, Alan
- Re: [multipathtcp] High-level design decisions /a… Ford, Alan
- Re: [multipathtcp] High-level design decisions /a… Scott Brim
- Re: [multipathtcp] High-level design decisions /a… marcelo bagnulo braun
- Re: [multipathtcp] High-level design decisions /a… William Herrin
- Re: [multipathtcp] High-level design decisions /a… Joe Touch
- Re: [multipathtcp] High-level design decisions /a… Joe Touch
- Re: [multipathtcp] High-level design decisions /a… Yoshifumi Nishida
- Re: [multipathtcp] High-level design decisions /a… Joe Touch
- Re: [multipathtcp] High-level design decisions /a… Joe Touch
- Re: [multipathtcp] High-level design decisions /a… Joe Touch
- Re: [multipathtcp] High-level design decisions /a… Mark Handley
- Re: [multipathtcp] High-level design decisions /a… Ford, Alan
- Re: [multipathtcp] High-level design decisions /a… Ford, Alan
- Re: [multipathtcp] High-level design decisions /a… Yoshifumi Nishida
- Re: [multipathtcp] High-level design decisions /a… Costin Raiciu
- Re: [multipathtcp] High-level design decisions /a… philip.eardley
- Re: [multipathtcp] High-level design decisions /a… Lars Eggert
- Re: [multipathtcp] High-level design decisions /a… William Herrin
- Re: [multipathtcp] High-level design decisions /a… Yoshifumi Nishida
- Re: [multipathtcp] High-level design decisions /a… Scott Brim
- Re: [multipathtcp] High-level design decisions /a… Costin Raiciu
- Re: [multipathtcp] High-level design decisions /a… Yoshifumi Nishida
- Re: [multipathtcp] High-level design decisions /a… Joe Touch
- Re: [multipathtcp] High-level design decisions /a… William Herrin
- Re: [multipathtcp] High-level design decisions /a… Joe Touch
- Re: [multipathtcp] High-level design decisions /a… William Herrin
- Re: [multipathtcp] High-level design decisions /a… Joe Touch
- Re: [multipathtcp] High-level design decisions /a… William Herrin
- Re: [multipathtcp] High-level design decisions /a… Joe Touch