Re: [Spud] SPUD's open/close are unconvincing
Tom Herbert <tom@herbertland.com> Thu, 09 April 2015 17:23 UTC
Date: Thu, 9 Apr 2015 10:22:59 -0700
Message-ID: <CALx6S37PO+1_iqv44-QtNT_=ThMBbffOa-vNtG8wLSyFoGYU4A@mail.gmail.com>
From: Tom Herbert <tom@herbertland.com>
To: Phillip Hallam-Baker <phill@hallambaker.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/spud/xFzeiVCTJBrS5vWoIHazFGAUIps>
Cc: Toerless Eckert <eckert@cisco.com>,
Daniel Kahn Gillmor <dkg@fifthhorseman.net>, "spud@ietf.org" <spud@ietf.org>
Subject: Re: [Spud] SPUD's open/close are unconvincing

On Thu, Apr 9, 2015 at 6:09 AM, Phillip Hallam-Baker <phill@hallambaker.com> wrote:
> On Thu, Apr 9, 2015 at 12:15 AM, Toerless Eckert <eckert@cisco.com> wrote:
>> On Wed, Apr 08, 2015 at 08:46:24PM -0700, Tom Herbert wrote:
>>> I think the kernel/user-land argument is a red herring.
>>
>> Elaborate please. To me it's probably the biggest motivator for
>> SPUD. Otherwise we could design all we need into IP and TCP.
>
> TCP should probably not happen in the kernel either. Nor should
> printer drivers be in the kernel or anything that does not require the
> intermediation of the security monitor.
>
> Looking at the shoot-yourself-in-the-foot opportunities in the IPv6
> encoding, I am not exactly anxious to put all those untrusted code
> paths in a position where they can root the machine.
>
> One of the main reasons the current generation of O/S are chronically
> insecure is that 90% of the stuff that is inside the security
> perimeter has no business being there.
>

The major Internet security problem now is in embedded systems which
are not maintained (which notably includes middleboxes like home
routers)
(https://www.schneier.com/essays/archives/2014/01/the_internet_of_thin.html).
This is not an OS, userspace, or firmware issue, or even a protocol
issue -- but this is an issue with the software deployment model of a
wide array of products. I don't know how SPUD will be able to help
solve this, but it should at least not make things less secure.

>
> At this point TCP is water under the bridge. But that does not mean we
> are obliged to remake the mistake.
>
> When TCP was designed, the mantra was 'everything is a stream'. That
> was the right abstraction for Telnet and FTP and Mail. It is probably
> not the right abstraction for real time web where an unreliable
> sequence of chunks seems a better fit.