Re: [nbs] NBS and TCP connection identification

Christian Vogt <> Wed, 29 September 2010 18:48 UTC

From: Christian Vogt <>
To: Rémi Després <>
Date: Wed, 29 Sep 2010 14:47:53 -0400
List-Id: Name based sockets discussion list <>

Remi wrote:

> In my understanding NBS and address changes can remain independent, and therefore should remain so.
> - A connection initiation starts with the source and destination names chosen by the initiator (and with valid addresses for them at that time).
> The acceptor advertises at the NBS the names it received.
> It may have before that checked, with a direct DNS query, that source address and source name are consistent, or do it after signaling the incoming connection, or never, at its own choice.
> - Shim6, if present, works as before.
> Does this make sense to you?

I think it does.  So let me summarize:  

You are proposing that the responder should present the initiator's name as received to the responding application, without verification.  It is then up to the responding application to verify the initiator's name if needed.  Correct?

Needless to say, if the initiator does not provide a name -- e.g., because it does not have a name registered in the DNS --, the responder would generate a name for the initiator based on the initiator's IP address.  Such a "synthesized" name does not have to be verified; it already provides the same level of security that we have today.

Is this summary accurate?

- Christian
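
The responder-side behaviour summarized in this message, sketched as an added example that is not part of the original post or of any NBS specification: the received name is handed up unverified, the DNS consistency check is optional, and a missing name is replaced by one synthesized from the source address. The function names, the reverse-pointer form of the synthesized name, and the injected resolver with its constructed records are assumptions made for illustration.

```python
import ipaddress
from typing import Callable, Iterable, NamedTuple, Optional

# A resolver maps a name to its address records; injected so the check runs offline.
Resolver = Callable[[str], Iterable[str]]

class PeerName(NamedTuple):
    name: str
    synthesized: bool          # True when the initiator supplied no name
    verified: Optional[bool]   # None means no check was requested or needed

def synthesize_name(src_addr: str) -> str:
    # Assumption: the thread does not fix a format; the reverse-pointer form is used here.
    return ipaddress.ip_address(src_addr).reverse_pointer

def name_matches_address(name: str, src_addr: str, resolve: Resolver) -> bool:
    # Compare parsed addresses so different textual forms of one IPv6 address still match.
    want = ipaddress.ip_address(src_addr)
    for record in resolve(name):
        try:
            if ipaddress.ip_address(record) == want:
                return True
        except ValueError:
            continue  # ignore malformed records instead of failing the whole check
    return False

def accept(src_addr: str, claimed_name: Optional[str],
           resolve: Resolver, verify: bool = False) -> PeerName:
    if not claimed_name:
        # Derived from the address itself, so there is nothing further to verify.
        return PeerName(synthesize_name(src_addr), True, None)
    name = claimed_name.rstrip(".").lower()
    if not verify:
        # Presented as received; the application decides whether to trust it.
        return PeerName(name, False, None)
    return PeerName(name, False, name_matches_address(name, src_addr, resolve))

# Constructed sample records (documentation address ranges), not real DNS data.
SAMPLE_DNS = {"host-a.example": ["2001:db8::10", "192.0.2.10"]}

def sample_resolve(name: str) -> Iterable[str]:
    return SAMPLE_DNS.get(name, [])

if __name__ == "__main__":
    print(accept("192.0.2.10", "host-a.example", sample_resolve))
    print(accept("198.51.100.5", "host-a.example", sample_resolve, verify=True))
    print(accept("192.0.2.7", None, sample_resolve))
```

An application that makes access decisions based on the name would call `accept(..., verify=True)` and treat `verified=False` as a name claim that the source address does not back up.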