[Spud] on trust and lying

Eliot Lear <lear@cisco.com> Wed, 25 March 2015 18:57 UTC

Message-ID: <551304ED.7080601@cisco.com>
Date: Wed, 25 Mar 2015 13:56:45 -0500
From: Eliot Lear <lear@cisco.com>
To: spud@ietf.org
Archived-At: <http://mailarchive.ietf.org/arch/msg/spud/OPkmGIxSCwIlfJhwCEkVq1FH4Sw>
Subject: [Spud] on trust and lying
List-Id: Session Protocol Underneath Datagrams <spud.ietf.org>

A comment was made at the microphone that middle boxes will lie to end
hosts and end hosts will lie to middle boxes.  That is not strictly
true, and we have an existence proof of when it is not: that is TCP. 
The intended point of Joe's slide to map SPUD states to TCP wasn't just
a simple example.  The behavior of TCP on the hosts can be observed by
the middle box and based on that behavior the middlebox can make
appropriate decisions.  The most classic example of this is simply
blocking inbound SYNs to block opening of new connections.  New
connections do not establish absent that first naked SYN.  Similarly,
the network can assume that only connections that are already open will
contain an ACK, knowing that a host will reject an unsolicited packet
that contains that flag.  That three-way handshake is in effect an
implicit behavior contract between the end host and middle boxes.

Whatever SPUD becomes, it has to establish, at the very least, that
implicit behavior contract for UDP.  Today it simply doesn't exist in
the general sense, although there may be a few higher protocols that
allow for that.

Eliot
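As an added illustration (not part of Eliot's message or of any SPUD draft), the following toy stateful filter encodes the TCP contract the post describes: a middlebox that drops inbound naked SYNs and refuses ACK-bearing segments for any connection whose handshake it never observed. The packet tuples, addresses and state names are constructed for the example.

```python
# Added example, not from the original message: a toy stateful TCP middlebox
# that enforces the implicit handshake contract described in the post.
# Packets are constructed tuples (direction, src, dst, flags): direction is
# "in" (Internet -> protected host) or "out", src/dst are (ip, port) pairs,
# and flags is a set of TCP flag names.

class Middlebox:
    def __init__(self, allow_inbound_syn=False):
        self.allow_inbound_syn = allow_inbound_syn
        self.table = {}  # frozenset({src, dst}) -> (state, initiator)

    def process(self, direction, src, dst, flags):
        """Return 'pass' or 'drop' for one TCP segment."""
        key = frozenset([src, dst])          # same key in both directions
        entry = self.table.get(key)
        if flags == {"SYN"}:
            # A naked SYN is the only way a connection opens; dropping inbound
            # ones blocks inbound connection opening without deeper parsing.
            if direction == "in" and not self.allow_inbound_syn:
                return "drop"
            self.table[key] = ("SYN_SEEN", src)
            return "pass"
        if entry is None:
            # An ACK-bearing segment for a connection whose handshake was never
            # observed is unsolicited; the receiving host would reject it anyway.
            return "drop"
        state, initiator = entry
        if flags == {"SYN", "ACK"} and state == "SYN_SEEN" and dst == initiator:
            self.table[key] = ("SYNACK_SEEN", initiator)
            return "pass"
        if "ACK" in flags and state == "SYNACK_SEEN" and src == initiator:
            self.table[key] = ("ESTABLISHED", initiator)
            return "pass"
        if "ACK" in flags and state == "ESTABLISHED":
            if "RST" in flags:
                del self.table[key]       # a reset tears the connection down
            return "pass"                 # (FIN teardown omitted for brevity)
        return "drop"

def run_trace(packets, allow_inbound_syn=False):
    """Feed a packet list through one Middlebox; return the verdicts in order."""
    box = Middlebox(allow_inbound_syn)
    return [box.process(*pkt) for pkt in packets]

# Constructed trace: an outbound connection, an inbound attempt, then a reset.
A, B, C = ("10.0.0.5", 40000), ("203.0.113.9", 443), ("198.51.100.7", 5555)
SAMPLE = [
    ("out", A, B, {"SYN"}), ("in", B, A, {"SYN", "ACK"}), ("out", A, B, {"ACK"}),
    ("in", B, A, {"PSH", "ACK"}),
    ("in", C, ("10.0.0.5", 22), {"SYN"}), ("in", C, ("10.0.0.5", 22), {"ACK"}),
    ("in", B, A, {"RST", "ACK"}), ("out", A, B, {"ACK"}),
]
```

The inbound SYN and the inbound unsolicited ACK are dropped purely from observed flags and state, which is the point of the post: the handshake lets the middlebox decide without either side having to tell it anything extra.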