Re: [Taps] Some comments on draft-ietf-taps-impl-12

Fernando Gont <> Fri, 05 August 2022 20:40 UTC

Hi, Gorry,

Thanks for all your responses! In-line....

On 5/8/22 12:00, Gorry Fairhurst wrote:
>> Section 4.7.2.:
>>> On platforms with facilities to create a "virtual connection" for
>>> connectionless protocols implementations should use these mechanisms
>>> to minimise the handling of datagrams intended for already created
>>> Connection objects.
>> I don't necessarily disagree, but you should probably elaborate here 
>> -- e.g., on one hand, "stateless" is good in the sense that you don't 
>> tie system resources unnecessarily. However, it's also more prone to 
>> spoofing, to the extent that an attacker might require "a lot of work" 
>> from a server without even proving that it can receive the return 
>> packets.
> I'm not quite sure what you are asking here. What I think was intended 
> was very similar to the way UDP sockets in BSD can be used with 
> "connect", is there something else you were expecting to see in the text?

Looks like I got confused -- my bad, sorry! -- No changes expected here.

Fernando Gont
SI6 Networks
PGP Fingerprint: F242 FF0E A804 AF81 EB10 2F07 7CA1 321D 663B B494
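
The BSD-style use of `connect()` on a UDP socket mentioned in the message above, shown as an added example that is not part of the original thread or the draft. The function name `received_payloads`, the loopback addresses and the payloads are constructed for illustration; it compares what the application sees on an unconnected socket with what it sees once the socket is tied to one peer.

```python
import socket

LOOPBACK = "127.0.0.1"  # constructed test setup: everything stays on loopback


def udp_socket():
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.bind((LOOPBACK, 0))  # ephemeral port chosen by the kernel
    return s


def received_payloads(use_connect, timeout=0.5):
    """Return the sorted payloads the local endpoint's application sees."""
    local, peer, stranger = udp_socket(), udp_socket(), udp_socket()
    try:
        if use_connect:
            # "Virtual connection": the kernel now delivers only datagrams
            # whose source address and port match the peer.
            local.connect(peer.getsockname())
        stranger.sendto(b"stray", local.getsockname())
        peer.sendto(b"from-peer", local.getsockname())

        local.settimeout(timeout)
        seen = []
        while True:
            try:
                data, _addr = local.recvfrom(2048)
            except socket.timeout:
                break  # nothing more queued for this socket
            seen.append(data)
        return sorted(seen)
    finally:
        for s in (local, peer, stranger):
            s.close()


if __name__ == "__main__":
    print("unconnected:", received_payloads(False))
    print("connected:  ", received_payloads(True))
```

The connected socket matches on the datagram's source address and port only, so it cuts per-datagram handling in the application but does not show that the sender can receive return packets.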