Re: [secdir] draft-ietf-tcpm-tcpsecure
Lars Eggert <lars.eggert@nokia.com> Thu, 09 July 2009 07:06 UTC
From: Lars Eggert <lars.eggert@nokia.com>
To: Sandra Murphy <sandy@sparta.com>
Cc: "mdalal@cisco.com" <mdalal@cisco.com>, "ananth@cisco.com" <ananth@cisco.com>, "iesg@ietf.org" <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Hi, Sandy,

On 2009-6-8, at 16:59, Sandra Murphy wrote:
> I've been on the road, so this is just a quick note to say that I still
> have questions, with a promise of more full answer when I get back to the
> office tomorrow.

The authors are still waiting to hear your additional questions. Please let me know when we can expect them, so I know when I can expect a revision from the authors.

Thanks,
Lars

> All the following done really from memory from a
> re-review yesterday. Just so you know I haven't forgotten you.
>
> About quoting text:
>
> The example you point to of what each mitigation says is a good case.
> (what is "rg"?)
>
> You posit a case 1 and case 2. This is a summary of what 793 says, not a
> quote. 793 spreads the discussion over 2 pages. your case 1 is
> represented in a parenthetical remark in an "otherwise" clause - hard to
> find. And you have a typo in the inequality. And the case 2 in 793 is
> broken out over three different groupings of states. Do you mean the new
> ACK to be generated in all three state groups?
>
> About the stringency.
>
> If UNA is 1000, Max.snd.wnd is 50, and the ack is 975, then in 793, the
> ack is < UNA and so "it is ignored", in your draft the ack is >
> UNA-max.snd.wnd so it is acceptable.
>
> So your draft accepts more ACKs than 793.
>
> Have I lost my ability to tell > from <? Do you regard accepting more
> ACKS as "more stringent"?
>
> About the guidance to implementors.
>
> It still looks to me like this guidance is only useful to implementors who
> are implementing both the OS TCP stack *AND* the application. I.E.,
> freebsd won't know whether this to follow the guidance or not but
> cisco/juniper/etc will.
>
> What is the "AS"?
>
> About grammar checks:
>
> And you did not miss email, I lost my marked up copy, so I've gone
> through for the grammar check again (don't think I found all that many
> nits) and will send to you.
>
> --Sandy
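The two ACK checks compared in the quoted message, side by side with wraparound-safe sequence arithmetic; this is an added example, not code from the draft, its authors, or either correspondent. It assumes the draft's range as published in RFC 5961 (inclusive bounds, out-of-range segments dropped with an ACK sent back), a constructed SND.NXT of 1100, and constructed ACK values other than 975.

```c
#include <stdint.h>
#include <stdio.h>

/* Sequence-space comparison modulo 2^32: true if a is "before" b. */
static int seq_lt(uint32_t a, uint32_t b) { return (int32_t)(a - b) < 0; }

enum ack_verdict {
    ACK_ADVANCES,      /* acknowledges new data, SND.UNA moves forward */
    ACK_OLD_IGNORED,   /* RFC 793: ACK field ignored, segment still processed */
    ACK_OLD_IN_RANGE,  /* draft: old ACK, but inside the acceptable range */
    ACK_DROP_SEND_ACK  /* segment dropped and an ACK sent back */
};

/* RFC 793 ACK handling for a synchronized connection.
 * Assumption: SEG.ACK == SND.UNA is grouped with old ACKs. */
enum ack_verdict rfc793_ack(uint32_t una, uint32_t nxt, uint32_t ack)
{
    if (seq_lt(nxt, ack)) return ACK_DROP_SEND_ACK;  /* acks unsent data */
    if (seq_lt(una, ack)) return ACK_ADVANCES;
    return ACK_OLD_IGNORED;
}

/* Draft check: (SND.UNA - MAX.SND.WND) <= SEG.ACK <= SND.NXT, else drop. */
enum ack_verdict draft_ack(uint32_t una, uint32_t nxt,
                           uint32_t max_snd_wnd, uint32_t ack)
{
    uint32_t low = una - max_snd_wnd;  /* wraps correctly modulo 2^32 */
    if (seq_lt(ack, low) || seq_lt(nxt, ack)) return ACK_DROP_SEND_ACK;
    if (seq_lt(una, ack)) return ACK_ADVANCES;
    return ACK_OLD_IN_RANGE;
}

int main(void)
{
    /* UNA=1000 and MAX.SND.WND=50 are from the message; SND.NXT=1100 and
     * the ACK values other than 975 are constructed for illustration. */
    const uint32_t una = 1000, nxt = 1100, wnd = 50;
    const uint32_t acks[] = { 900, 975, 1050, 1200 };
    static const char *name[] = { "advances", "old, ignored",
                                  "old, in range", "drop + send ACK" };
    for (size_t i = 0; i < sizeof acks / sizeof acks[0]; i++)
        printf("SEG.ACK=%4u  793: %-16s draft: %s\n", (unsigned)acks[i],
               name[rfc793_ack(una, nxt, acks[i])],
               name[draft_ack(una, nxt, wnd, acks[i])]);
    return 0;
}
```

The 975 row is the case from the message; the 900 row is the one where the two rules diverge in what happens to the segment.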