Re: [secdir] Secdir review of draft-paxson-tcpm-rfc2988bis-02

Catherine Meadows <catherine.meadows@nrl.navy.mil> Fri, 22 April 2011 20:55 UTC

From: Catherine Meadows <catherine.meadows@nrl.navy.mil>
In-Reply-To: <20110422020921.97DF53A92334@lawyers.icir.org>
Date: Fri, 22 Apr 2011 17:02:44 -0400
Message-Id: <2066F5DE-3200-46B6-8350-E72966821B85@nrl.navy.mil>
References: <20110422020921.97DF53A92334@lawyers.icir.org>
To: draft-paxson-tcpm-rfc2988bis.all@tools.ietf.org
X-Mailer: Apple Mail (2.1084)
Cc: iesg@ietf.org, secdir@ietf.org
Subject: Re: [secdir] Secdir review of draft-paxson-tcpm-rfc2988bis-02

I, on the other hand, would say that if the security considerations section is 11 years old,
it is in need of an update or at least another look.  Judging from the remarks that have been
made so far, there is a lot of wisdom about the security impact of RTO that is not captured in the current security considerations section.
At the very least, I think a reference to the security considerations in RFC5681 would be in order.

Cathy

On Apr 21, 2011, at 10:09 PM, Mark Allman wrote:

> 
> I agree with everything Vern said.  But, two more points.
> 
>> Thus, it is a natural target for exploitation for a denial of service
>> attack, in which an attacker convinces a sender to lower its RTO to an
>> unsafe value, causing it to retransmit its packets that are not really
>> lost, and thus lead to congestion.
> 
> First, I don't think this makes sense.  Even if some attacker can
> convince a sender to reduce its RTO and hence trip the RTO early this
> will *reduce* the sender's rate (RFC5681).  That is certainly an
> impairment attack on the connection itself, but that does not "lead to
> congestion".  I.e., it is not somehow an attack on the broader network.
> In fact, the connection would "lead to congestion" with a higher
> probability if it were to continue unimpaired at a higher sending rate.
> 
> Second, I am loath to change a security considerations section that has
> been good enough for 11 years unless there are actually new security
> considerations.
> 
> allman
> 

Catherine Meadows
Naval Research Laboratory
Code 5543
4555 Overlook Ave., S.W.
Washington DC, 20375
phone: 202-767-3490
fax: 202-404-7942
email: catherine.meadows@nrl.navy.mil
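To make the disagreement above concrete, here is an added example (not part of the thread, and not code from either RFC) that implements the RFC 2988 RTO estimator and the RFC 5681 response to a retransmission timeout, then compares the sender's rate when the sender's own RTO is used against a case where a lowered RTO value fires before the ACK can arrive. The clock granularity, RTT samples and window sizes are assumed values.

```python
"""RFC 2988-style RTO estimation plus the RFC 5681 timeout response, used to
check whether tripping the RTO early adds load to the network or just cuts
the sender's own rate. Constructed example; parameters are assumptions."""
from __future__ import annotations
from dataclasses import dataclass

G = 0.001      # assumed clock granularity, seconds
MIN_RTO = 1.0  # RFC 2988: RTO SHOULD be rounded up to 1 second


@dataclass
class RtoEstimator:
    """SRTT/RTTVAR smoothing and RTO computation as in RFC 2988 section 2."""
    srtt: float | None = None
    rttvar: float = 0.0
    rto: float = 1.0  # initial RTO before any RTT measurement

    def sample(self, r: float) -> float:
        if self.srtt is None:            # first measurement (section 2.2)
            self.srtt, self.rttvar = r, r / 2
        else:                            # later measurements (section 2.3)
            self.rttvar = 0.75 * self.rttvar + 0.25 * abs(self.srtt - r)
            self.srtt = 0.875 * self.srtt + 0.125 * r
        self.rto = max(MIN_RTO, self.srtt + max(G, 4 * self.rttvar))
        return self.rto


def timeout_response(cwnd: int, flight: int) -> tuple[int, int]:
    """RFC 5681 section 3.1 on an RTO: cwnd collapses to one segment and
    ssthresh = max(FlightSize / 2, 2 segments). Units are segments."""
    return 1, max(flight // 2, 2)


def spurious_timeout_effect(rtt_samples, cwnd, rto_used=None):
    """Feed RTT samples to the estimator, then apply either the sender's own
    RTO or an externally supplied `rto_used`. A timer shorter than the RTT
    fires before the ACK arrives, so the retransmission is spurious.
    Rates are segments per second with `cwnd` segments in flight."""
    est = RtoEstimator()
    for r in rtt_samples:
        est.sample(r)
    rtt = rtt_samples[-1]
    rto = est.rto if rto_used is None else rto_used
    before = cwnd / rtt
    fired = rto < rtt
    if fired:
        cwnd, _ssthresh = timeout_response(cwnd, cwnd)
    return {"rto": rto, "fired": fired, "rate_before": before,
            "rate_after": cwnd / rtt,
            "next_rto": 2 * rto if fired else rto}   # section 5.5 backoff
```

With a steady 200 ms RTT the estimator's own RTO sits at the 1 s floor and never fires early, while a 100 ms timer collapses the window from 20 segments to 1, cutting the send rate by a factor of 20, which is the self-impairment Allman describes rather than extra congestion.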