IETF Logo Mail Archive

Re: [Spud] SPUD's open/close are unconvincing

Caitlin Bestler <caitlin.bestler@nexenta.com> Wed, 08 April 2015 21:31 UTC

Return-Path: <caitlin.bestler@nexenta.com>
X-Original-To: spud@ietfa.amsl.com
Delivered-To: spud@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DAEA61B3395 for <spud@ietfa.amsl.com>; Wed, 8 Apr 2015 14:31:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9c2lhG1xzsX6 for <spud@ietfa.amsl.com>; Wed, 8 Apr 2015 14:31:37 -0700 (PDT)
Received: from mail-pa0-f45.google.com (mail-pa0-f45.google.com [209.85.220.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B47CB1B36D4 for <spud@ietf.org>; Wed, 8 Apr 2015 14:31:28 -0700 (PDT)
Received: by pabtp1 with SMTP id tp1so21396734pab.2 for <spud@ietf.org>; Wed, 08 Apr 2015 14:31:28 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=xcKVWEWFQZxpeIt5n+iam4zdgCRu4R/K18XzYfQS8Tw=; b=bh3lZt+0TwIOZbmv/Ox2Qt9LWuv8oiYPNoLrsdQsORL1uoPdC9m0Un8gxTaeGMGFik Nghll4NgIKyefVKSg7kVKfHd4YoG8gG/4hMknBhZSLUpejK+0n8gTRab+M7+Y5lXrPe5 v/s9UMNI+w8vdGOyf3tNenxV3GWKl84kK57ANBZqQ2Cul0hxBd4csS+cOYbyWPHsOEMF xlfIcJnwYEz/FChcUWvaW0nxy3FzzMRHjdcGesS/TXXjEqGFLAfL53L1K34cjxqXWy+v 88xsfPBjv1Fb40UB6HAJ0QGS34JXXtkN5qzpQWo/vm1D0nFoWcyiC0sS/UetBLUJDAmR 5Lew==
X-Gm-Message-State: ALoCoQlK8Yrt9VSP0ZAJvMu8Dq+w7w4QUDH46bG0dvXQyC273KwZYKi/5DIglG0XbbxM1G0woPW/
X-Received: by 10.70.34.196 with SMTP id b4mr50173525pdj.157.1428528688394; Wed, 08 Apr 2015 14:31:28 -0700 (PDT)
Received: from Macintosh-2.local (67-207-110-172.static.wiline.com. [67.207.110.172]) by mx.google.com with ESMTPSA id r4sm12267197pdg.11.2015.04.08.14.31.26 for <spud@ietf.org> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 08 Apr 2015 14:31:27 -0700 (PDT)
Message-ID: <55259E2F.8030604@nexenta.com>
Date: Wed, 08 Apr 2015 14:31:27 -0700
From: Caitlin Bestler <caitlin.bestler@nexenta.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: spud@ietf.org
References: <87iod631nv.fsf@alice.fifthhorseman.net> <DM2PR0301MB06555C7D7F32A69214405D44A8FC0@DM2PR0301MB0655.namprd03.prod.outlook.com> <20150408193920.GD24286@cisco.com> <09D0D481-9380-42CA-94B1-895EC9E51428@cisco.com>
In-Reply-To: <09D0D481-9380-42CA-94B1-895EC9E51428@cisco.com>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/spud/zJd4Y6WVviEd_9LY5CwV9_ReEJU>
Subject: Re: [Spud] SPUD's open/close are unconvincing
X-BeenThere: spud@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Session Protocol Underneath Datagrams <spud.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spud>, <mailto:spud-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/spud/>
List-Post: <mailto:spud@ietf.org>
List-Help: <mailto:spud-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spud>, <mailto:spud-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Apr 2015 21:31:39 -0000


On 4/8/15 1:53 PM, Joe Hildebrand (jhildebr) wrote:
> On 4/8/15, 1:39 PM, "Toerless Eckert (eckert)" <eckert@cisco.com> wrote:
>
>> Daniel,
>>
>> a) I think one hope of SPUDs design is to make UDP look enough like
>>    TCP to persuade FWs (and similar middleboxes) to police / permit it
>>    as well as TCP flows are policed/permitted.
> Yes.  In talking with enterprise firewall admins, they're comfortable with these properties of TCP:
>
> - they're sure which interface the intent to start an association came in on
> - they're pretty sure that subsequent packets match that initial intent
> - they're pretty sure that if a box goes down comes back up, or a new box takes the old one's address listening on the same port, that the host will be able to reject traffic left over from an old association
> - they know when to clean up state
> - they don't feel the need to set as aggressive timeouts as they currently do for UDP, which would cause apps to send lots of extra keep-alives
>
>  From a certain perspective, it doesn't necessarily matter if we completely agree with them that today's implicit heuristics are not good enough.  We have evidence that there are enough corporate firewall admins have similar feelings, particularly in places where folks that want to deploy standards-based WebRTC solutions (e.g.), that I believe we need to take their perceptions into account.  The approach that SPUD currently takes is to smell enough like TCP from a policy perspective that we can get corporate firewall admins to allow the traffic by policy.
>
> In other words: these are potentially deployment requirements, not technical requirements.

Joe's analysis highlights an important point - there is no need for SPUD 
to be better than TCP.
If TCP is vulnerable to off-path reset attacks, then it would be ok for 
SPUD to be vulnerable.
We just have to avoid making SPUD *more* vulnerable.

>

v2.8.7 | Report a Bug | By Email