Re: [Spud] SPUD's open/close are unconvincing

Tom Herbert <tom@herbertland.com> Thu, 09 April 2015 17:23 UTC

From: Tom Herbert <tom@herbertland.com>
To: Phillip Hallam-Baker <phill@hallambaker.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/spud/xFzeiVCTJBrS5vWoIHazFGAUIps>
Cc: Toerless Eckert <eckert@cisco.com>, Daniel Kahn Gillmor <dkg@fifthhorseman.net>, "spud@ietf.org" <spud@ietf.org>
Subject: Re: [Spud] SPUD's open/close are unconvincing

On Thu, Apr 9, 2015 at 6:09 AM, Phillip Hallam-Baker
<phill@hallambaker.com> wrote:
> On Thu, Apr 9, 2015 at 12:15 AM, Toerless Eckert <eckert@cisco.com> wrote:
>> On Wed, Apr 08, 2015 at 08:46:24PM -0700, Tom Herbert wrote:
>>> I think the kernel/user-land argument is a red herring.
>>
>> Elaborate please. To me it's probably the biggest motivator for
>> SPUD. Otherwise we could design all we need into IP and TCP.
>
> TCP should probably not happen in the kernel either. Nor should
> printer drivers be in the kernel or anything that does not require the
> intermediation of the security monitor.
>
> Looking at the shoot-yourself-in-the-foot opportunities in the IPv6
> encoding, I am not exactly anxious to put all those untrusted code
> paths in a position where they can root the machine.
>
> One of the main reasons the current generation of O/S are chronically
> insecure is that 90% of the stuff that is inside the security
> perimeter has no business being there.
>
The major Internet security problem now is in embedded systems which
are not maintained (which notably includes middleboxes like home
routers) (https://www.schneier.com/essays/archives/2014/01/the_internet_of_thin.html).
This is not an OS, userspace, or firmware issue, or even a protocol
issue-- but this is an issue with the software deployment model of a
wide array of products. I don't know how SPUD will be able to help
solve this, but it should at least not make things less secure.

>
> At this point TCP is water under the bridge. But that does not mean we
> are obliged to remake the mistake.
>
> When TCP was designed, the mantra was 'everything is a stream'. That
> was the right abstraction for Telnet and FTP and Mail. It is probably
> not the right abstraction for real time web where an unreliable
> sequence of chunks seems a better fit.