Re: [multipathtcp] Security etc
Wesley Eddy <wes@mti-systems.com> Mon, 08 November 2010 11:32 UTC
Return-Path: <wes@mti-systems.com>
X-Original-To: multipathtcp@core3.amsl.com
Delivered-To: multipathtcp@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3F3FE3A69A7 for <multipathtcp@core3.amsl.com>; Mon, 8 Nov 2010 03:32:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DC+r9EX+ZRoB for <multipathtcp@core3.amsl.com>; Mon, 8 Nov 2010 03:32:14 -0800 (PST)
Received: from omr14.networksolutionsemail.com (omr14.networksolutionsemail.com [205.178.146.64]) by core3.amsl.com (Postfix) with ESMTP id 6D5273A68C4 for <multipathtcp@ietf.org>; Mon, 8 Nov 2010 03:32:14 -0800 (PST)
Received: from cm-omr9 (mail.networksolutionsemail.com [205.178.146.50]) by omr14.networksolutionsemail.com (8.13.6/8.13.6) with ESMTP id oA8BWYaK009381 for <multipathtcp@ietf.org>; Mon, 8 Nov 2010 06:32:34 -0500
Authentication-Results: cm-omr9 smtp.user=wes@mti-systems.com; auth=pass (PLAIN)
X-Authenticated-UID: wes@mti-systems.com
Received: from [130.129.113.60] ([130.129.113.60:50691] helo=[130.129.113.60]) by cm-omr9 (envelope-from <wes@mti-systems.com>) (ecelerity 2.2.2.41 r(31179/31189)) with ESMTPA id 9A/58-06780-1DFD7DC4; Mon, 08 Nov 2010 06:32:34 -0500
Message-ID: <4CD7DFCF.2020001@mti-systems.com>
Date: Mon, 08 Nov 2010 06:32:31 -0500
From: Wesley Eddy <wes@mti-systems.com>
Organization: MTI Systems
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.9) Gecko/20100915 Thunderbird/3.1.4
MIME-Version: 1.0
To: multipathtcp@ietf.org
References: <D95464FB-3B91-4235-8C39-DD284A2655F5@muada.com>
In-Reply-To: <D95464FB-3B91-4235-8C39-DD284A2655F5@muada.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [multipathtcp] Security etc
X-BeenThere: multipathtcp@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Multi-path extensions for TCP <multipathtcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/multipathtcp>
List-Post: <mailto:multipathtcp@ietf.org>
List-Help: <mailto:multipathtcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Nov 2010 11:32:17 -0000
On 11/8/2010 5:32 AM, Iljitsch van Beijnum wrote: > I was listening to the audio as I walked to work... > > Is there any particular reason why the MPTCP security can't be based on a Diffie-Hellman key exchange? This would seem perfectly suited to the problem at hand. > > I was also wondering if it would be useful to exchange MPTCP signaling in the data stream as out-of-band data. I'm not sure how OOB is implemented in TCP today, but if we're lucky this data is simply ignored. In that case it would be a good place to put the signaling. There is no OOB data in TCP; there's an urgent pointer, but there are enough problems with it that it can't be used here: http://tools.ietf.org/html/draft-ietf-tcpm-urgent-data-07 > However, there is no reason that this can't be done in options, even if the data that needs to be exchanged is large: we could implement a lightweight (and irony-proof) reliable transport that rides on TCP options that simply segments the data into pieces that fit into the option space. That's true; this kind of thing has been done before, and can work. However, it does involve a bit of effort that may be bigger than MPTCP's scope.
- [multipathtcp] Security etc Iljitsch van Beijnum
- Re: [multipathtcp] Security etc Wesley Eddy