Re: [OPSEC] Fwd: Security Assessment of the Transmission Control Protocol (TCP)
TSG <tglassey@earthlink.net> Sat, 14 February 2009 15:27 UTC
Return-Path: <tglassey@earthlink.net>
X-Original-To: opsec@core3.amsl.com
Delivered-To: opsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 14C2F3A68A5; Sat, 14 Feb 2009 07:27:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.709
X-Spam-Level:
X-Spam-Status: No, score=-2.709 tagged_above=-999 required=5 tests=[AWL=-0.110, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rV88o5PctSIZ; Sat, 14 Feb 2009 07:27:09 -0800 (PST)
Received: from elasmtp-masked.atl.sa.earthlink.net (elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]) by core3.amsl.com (Postfix) with ESMTP id 1A39A3A69C7; Sat, 14 Feb 2009 07:27:09 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=earthlink.net; b=q4gQa5r99g9C82/f4KTbobk9+RoMDFNJpx2DUu4aUuC7/QPuQMGQBpzaB0qcTEwr; h=Received:Message-ID:Date:From:User-Agent:MIME-Version:To:CC:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding:X-ELNK-Trace:X-Originating-IP;
Received: from [67.180.133.66] (helo=[192.168.1.101]) by elasmtp-masked.atl.sa.earthlink.net with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.67) (envelope-from <tglassey@earthlink.net>) id 1LYMQ0-0003Mu-UJ; Sat, 14 Feb 2009 10:27:01 -0500
Message-ID: <4996E2C3.3030604@earthlink.net>
Date: Sat, 14 Feb 2009 07:26:59 -0800
From: TSG <tglassey@earthlink.net>
User-Agent: Thunderbird 2.0.0.19 (Windows/20081209)
MIME-Version: 1.0
To: Joel Jaeggli <joelja@bogus.com>
References: <4994A4EB.5030607@gmail.com> <0B030ADA-F621-4FDF-9CAF-23A27C16E26B@multicasttech.com> <49961BDB.9030905@network-heretics.com> <49963A14.1090106@bogus.com>
In-Reply-To: <49963A14.1090106@bogus.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-ELNK-Trace: 01b7a7e171bdf5911aa676d7e74259b7b3291a7d08dfec79b41deb07ca714905d2542f5e68a41e16350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c
X-Originating-IP: 67.180.133.66
X-Mailman-Approved-At: Sat, 14 Feb 2009 07:50:08 -0800
Cc: opsec wg mailing list <opsec@ietf.org>, Keith Moore <moore@network-heretics.com>, IETF discussion list <ietf@ietf.org>
Subject: Re: [OPSEC] Fwd: Security Assessment of the Transmission Control Protocol (TCP)
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/opsec>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Feb 2009 15:27:10 -0000
Joel Jaeggli wrote: > Keith Moore wrote: > >> Marshall Eubanks wrote: >> >>> If I am reading this correctly the UK Centre for the Protection of >>> National Infrastructure >>> wants the IETF (or some other body) to produce a "companion document to >>> the IETF specifications that discusses the security aspects and >>> implications of the protocols, identifies the existing vulnerabilities, >>> discusses the possible countermeasures, and analyses their respective >>> effectiveness." >>> >> It's difficult to imagine that these things could be adequately captured >> in a static document, for TCP or any other protocol, because new threats >> and countermeasures continue to be identified decades after the base >> protocol is well-settled. Maybe something like an expanded version of >> the RFC Editor's errata pages would be more appropriate? >> > > One might imagine an informational document which was routinely > obsoleted by future iterations. Unfortunately this isnt new information - the liabilities of IP have been well identified and understood for years like the BGP4 flap as well. What the IETF still seems to fail to grasp is that it is responsible for its actions so its not taking security and the ability to produce reliable evidence of anything over a network transport are key factors and need to be built into any IETF endorsement that is issued in the form of a standard or standards-track effort. I also would suggest that the IETF be willing to support other protocols besides IP based - hell XNS was way more secure than IP is by its very design. Its not that TCP/IP is bad - its just that it wasnt designed as an evidentiary-grade data transport and that is nowadays a real issue. > > Keeping it tractable is a product of > necessarily limiting the scope. > I dont think so. Building an analysis scope which is defined to meet the evidence needs today would address this requirement and only need to be updated periodically to meet those changing evidence models. >> _______________________________________________ >> Ietf mailing list >> Ietf@ietf.org >> https://www.ietf.org/mailman/listinfo/ietf >> >> > > > _______________________________________________ > Ietf mailing list > Ietf@ietf.org > https://www.ietf.org/mailman/listinfo/ietf > >
- Re: [OPSEC] Fwd: Security Assessment of the Trans… Joel Jaeggli
- Re: [OPSEC] Fwd: Security Assessment of the Trans… Keith Moore
- Re: [OPSEC] Fwd: Security Assessment of the Trans… Jari Arkko
- Re: [OPSEC] Fwd: Security Assessment of the Trans… TSG
- [OPSEC] Security Assessment of the Transmission C… Fernando Gont