IETF Logo Mail Archive

Re: [Spud] SPUD's open/close are unconvincing

Phillip Hallam-Baker <phill@hallambaker.com> Thu, 09 April 2015 13:09 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: spud@ietfa.amsl.com
Delivered-To: spud@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 92AF41B2D38 for <spud@ietfa.amsl.com>; Thu, 9 Apr 2015 06:09:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.278
X-Spam-Level:
X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bgWi3_ss_C8O for <spud@ietfa.amsl.com>; Thu, 9 Apr 2015 06:09:20 -0700 (PDT)
Received: from mail-la0-x22e.google.com (mail-la0-x22e.google.com [IPv6:2a00:1450:4010:c03::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7BC1A1B2D3A for <spud@ietf.org>; Thu, 9 Apr 2015 06:09:19 -0700 (PDT)
Received: by laat2 with SMTP id t2so81955241laa.1 for <spud@ietf.org>; Thu, 09 Apr 2015 06:09:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=4PtZNS6aeSJAMwNzMhVsGvlXsYjXhJcc9E+/sJTsXwo=; b=seLxLOE3vBUtfGWevPmqQz7Cqqf/++Mzh+D6bfvBpWvVshiXVpL0wG7F8lC3+SScL6 F2q4HA3qI+2PKPelRSVertwMPE0tPWg9wRIdhyVN5bcepnXl7xhHgub9lbnPhMA+IwU5 /Gl1Zbaozz4pYWnm1qha3EOfwKpnB1OhHodEQlare0xYX5WQb++oIR+1Mn041aDmXr0v ElxYtZULoynAPAtWwAsrTquE6eqc2MPLc+Zs4RZ2pLOXVt4HI2BuFp52gF5srh9HKpFT 7nN95nDWPemCqIr2+XmEf5nmpw5ewNcI1UEciPiNKr/V2/Uoms/m/Js67+Gs9zS5HVdQ LpLg==
MIME-Version: 1.0
X-Received: by 10.152.6.1 with SMTP id w1mr4506756law.91.1428584958042; Thu, 09 Apr 2015 06:09:18 -0700 (PDT)
Sender: hallam@gmail.com
Received: by 10.112.147.165 with HTTP; Thu, 9 Apr 2015 06:09:17 -0700 (PDT)
In-Reply-To: <20150409041507.GJ24286@cisco.com>
References: <87iod631nv.fsf@alice.fifthhorseman.net> <DM2PR0301MB06555C7D7F32A69214405D44A8FC0@DM2PR0301MB0655.namprd03.prod.outlook.com> <20150408193920.GD24286@cisco.com> <871tju2rdq.fsf@alice.fifthhorseman.net> <20150409012229.GG24286@cisco.com> <CALx6S35NH9yPZxeARTic10b0jFEi8aC4Gmt79cxuzF_VpYYqLA@mail.gmail.com> <20150409041507.GJ24286@cisco.com>
Date: Thu, 9 Apr 2015 09:09:17 -0400
X-Google-Sender-Auth: wWSoYTh_r8TQGy3Srte_q5wcwr0
Message-ID: <CAMm+LwgD8Foe=JdJvZ4oeuhGkJJvUaNOsCJATGDsRmBwN4en_w@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: Toerless Eckert <eckert@cisco.com>
Content-Type: text/plain; charset=UTF-8
Archived-At: <http://mailarchive.ietf.org/arch/msg/spud/unhxCq46BapsFMwik3R3A9uCTxY>
Cc: Tom Herbert <tom@herbertland.com>, Daniel Kahn Gillmor <dkg@fifthhorseman.net>, "spud@ietf.org" <spud@ietf.org>
Subject: Re: [Spud] SPUD's open/close are unconvincing
X-BeenThere: spud@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Session Protocol Underneath Datagrams <spud.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spud>, <mailto:spud-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/spud/>
List-Post: <mailto:spud@ietf.org>
List-Help: <mailto:spud-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spud>, <mailto:spud-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Apr 2015 13:09:22 -0000

On Thu, Apr 9, 2015 at 12:15 AM, Toerless Eckert <eckert@cisco.com> wrote:
> On Wed, Apr 08, 2015 at 08:46:24PM -0700, Tom Herbert wrote:
>> I think the kernel/user-land argument is a red herring.
>
> Elaborate please. To me its probably the biggest motivator for
> SPUD. Otherwise we could design all we need into IP and TCP.

TCP should probably not happen in the kernel either. Nor should
printer drivers be in the kernel or anything that does not require the
intermediation of the security monitor.

Looking at the shoot-yourself-in-the-foot opportunities in the IPv6
encoding, I am not exactly anxious to put all those untrusted code
paths in a position where they can root the machine.

One of the main reasons the current generation of O/S are chronically
insecure is that 90% of the stuff that is inside the security
perimeter has no business being there.


At this point TCP is water under the bridge. But that does not mean we
are obliged to remake the mistake.

When TCP was designed, the mantra was 'everything is a stream'. That
was the right abstraction for Telnet and FTP and Mail. It is probably
not the right abstraction for real time web where an unreliable
sequence of chunks seems a better fit.

v2.8.7 | Report a Bug | By Email