Re: [secdir] Fwd: Secdir review of draft-paxson-tcpm-rfc2988bis-02
Mark Allman <mallman@icir.org> Fri, 22 April 2011 02:09 UTC
To: Catherine Meadows <catherine.meadows@nrl.navy.mil>
From: Mark Allman <mallman@icir.org>
Date: Thu, 21 Apr 2011 22:09:21 -0400
Cc: draft-paxson-tcpm-rfc2988bis.all@tools.ietf.org, iesg@ietf.org, secdir@ietf.org
I agree with everything Vern said. But, two more points.

> Thus, it is a natural target for exploitation for a denial of service
> attack, in which an attacker convinces a sender to lower its RTO to an
> unsafe value, causing it to retransmit its packets that are not really
> lost, and thus lead to congestion.

First, I don't think this makes sense. Even if some attacker can convince a sender to reduce its RTO and hence trip the RTO early this will *reduce* the sender's rate (RFC5681). That is certainly an impairment attack on the connection itself, but that does not "lead to congestion". I.e., it is not somehow an attack on the broader network. In fact, the connection would "lead to congestion" with a higher probability if it were to continue unimpaired at a higher sending rate.

Second, I am loath to change a security considerations section that has been good enough for 11 years unless there are actually new security considerations.

allman
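An added illustration of the point above (example code, not part of this thread or the draft): a small model of the RFC 2988/6298 RTO calculation and the RFC 5681 reaction to a timer expiry. The RTT, the artificially lowered RTO and the window sizes are constructed values; the model shows that a spurious RTO collapses cwnd to one MSS and backs the timer off, so the impaired connection sends far fewer bytes than the unimpaired one.

```python
# Model of RTO computation (RFC 2988 / RFC 6298) and the sender's reaction to
# an RTO expiry (RFC 5681 section 3.1). Constants and traffic values are
# constructed for illustration, not taken from any real trace.
MSS = 1460      # bytes
G = 0.001       # clock granularity in seconds
K = 4           # RFC 6298 multiplier for RTTVAR


def rto_update(srtt, rttvar, r):
    """Fold one RTT sample r into SRTT/RTTVAR; return (srtt, rttvar, rto).

    First sample: SRTT = R, RTTVAR = R/2. Later samples use the 1/8 and 1/4
    gains. RTO is clamped to a 1 second minimum, as RFC 6298 requires.
    """
    if srtt is None:
        srtt, rttvar = r, r / 2
    else:
        rttvar = 0.75 * rttvar + 0.25 * abs(srtt - r)
        srtt = 0.875 * srtt + 0.125 * r
    rto = max(1.0, srtt + max(G, K * rttvar))
    return srtt, rttvar, rto


def on_rto_expiry(cwnd, flight_size):
    """RFC 5681: ssthresh = max(FlightSize/2, 2*MSS); cwnd = loss window (1 MSS)."""
    ssthresh = max(flight_size // 2, 2 * MSS)
    return MSS, ssthresh


def simulate(rtt, rto, rounds=10, cwnd=16 * MSS, ssthresh=64 * 1024):
    """Bytes sent over `rounds` round trips by a sender whose true RTT is `rtt`
    but whose retransmission timer is set to `rto`.

    If rto < rtt the timer fires before the ACK arrives (a spurious RTO): cwnd
    collapses, slow start restarts and the RTO is doubled (RFC 6298 sec. 5.5).
    Otherwise the window grows by slow start or congestion avoidance.
    """
    sent = 0
    for _ in range(rounds):
        sent += cwnd
        if rto < rtt:                         # spurious expiry
            cwnd, ssthresh = on_rto_expiry(cwnd, cwnd)
            rto *= 2                          # exponential backoff
        elif cwnd < ssthresh:                 # slow start
            cwnd = min(cwnd * 2, ssthresh)
        else:                                 # congestion avoidance
            cwnd += MSS
    return sent


if __name__ == "__main__":
    rtt = 0.1                                  # constructed true RTT (s)
    rto = rto_update(None, None, rtt)[2]       # honest RTO: 1.0 s minimum
    print("unimpaired:", simulate(rtt, rto))   # 635248
    print("RTO forced to 50 ms:", simulate(rtt, 0.05))  # 125560
```

The impaired sender's rate drops, which is the impairment-on-the-connection effect described above rather than added load on the network.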