Re: [Tcpcrypt] v3 of the charter

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 30 April 2014 21:06 UTC

Message-ID: <536165C6.20909@fifthhorseman.net>
Date: Wed, 30 Apr 2014 17:06:14 -0400
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Joe Touch <touch@isi.edu>, "Eggert, Lars" <lars@netapp.com>, Marcelo Bagnulo <marcelo@it.uc3m.es>
References: <536099A0.30900@it.uc3m.es> <23862F2E-9D56-4651-9202-FC676D15720B@netapp.com> <07C2D017-9342-4742-990C-7D3BC795049F@netapp.com> <536157E1.2060202@fifthhorseman.net> <53615A40.9050903@isi.edu>
In-Reply-To: <53615A40.9050903@isi.edu>
Archived-At: http://mailarchive.ietf.org/arch/msg/tcpcrypt/p24ak1D_GpXr6JGFYsF8itEBHkU
Cc: "tcpcrypt@ietf.org" <tcpcrypt@ietf.org>
Subject: Re: [Tcpcrypt] v3 of the charter

On 04/30/2014 04:17 PM, Joe Touch wrote:
> On 4/30/2014 1:06 PM, Daniel Kahn Gillmor wrote:
>> TCP is bidirectional, but the handshake is asymmetric: one party
>> listen()s and accept()s, and the other party connect()s.
> 
> TCP supports simultaneous open too. In which case, who's the client and
> who's the server?

In the simultaneous open case (does anyone actually use that in
practice?), both parties already know something about their peers (at
least, they know who they want to connect to).  From the perspective of
fingerprinting concerns, that suggests that they should both be treated
as servers, not as clients.

	--dkg
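The handshake asymmetry discussed above, as an added example that is not part of this thread or of tcpcrypt: a small RFC 793 opening-state simulation runs the normal three-way handshake and a simultaneous open side by side, records which endpoint ever sits in LISTEN, and then applies the role rule dkg suggests in the reply (the listener is the server; when neither side listened, treat both as servers). The state names and segment labels are RFC 793's; the endpoint class, the `run` helper and the `handshake_roles` rule are constructed for this illustration, and the "both are servers" mapping is dkg's proposal, not anything specified by tcpcrypt.

```python
"""TCP connection-establishment state machine (RFC 793, opening states only).

Constructed example: models the three-way handshake and the simultaneous
open to show which endpoint, if any, ever passes through LISTEN. The
role-assignment rule at the end follows the suggestion in the reply above.
"""
from collections import deque

SYN, SYN_ACK, ACK = "SYN", "SYN+ACK", "ACK"


class TcpEndpoint:
    """One TCP endpoint: current state plus the full history of states."""

    def __init__(self, name):
        self.name = name
        self.state = "CLOSED"
        self.history = ["CLOSED"]

    def _go(self, state):
        self.state = state
        self.history.append(state)

    def passive_open(self):
        # listen(): the only transition into LISTEN. Sends nothing.
        assert self.state == "CLOSED"
        self._go("LISTEN")
        return []

    def active_open(self):
        # connect(): send a SYN and wait for the peer.
        assert self.state == "CLOSED"
        self._go("SYN_SENT")
        return [SYN]

    def receive(self, seg):
        """Apply one incoming segment; return the segments to send back."""
        if self.state == "LISTEN" and seg == SYN:
            self._go("SYN_RECEIVED")
            return [SYN_ACK]
        if self.state == "SYN_SENT" and seg == SYN_ACK:
            self._go("ESTABLISHED")
            return [ACK]
        if self.state == "SYN_SENT" and seg == SYN:
            # Simultaneous open (RFC 793 fig. 8): our SYN crossed the peer's.
            self._go("SYN_RECEIVED")
            return [SYN_ACK]
        if self.state == "SYN_RECEIVED" and seg in (ACK, SYN_ACK):
            # Our SYN has been acknowledged either way.
            self._go("ESTABLISHED")
            return []
        raise ValueError(f"{self.name}: unexpected {seg} in {self.state}")


def run(a, b, a_start, b_start):
    """Deliver segments between a and b until nothing is in flight."""
    to_b = deque(a_start())
    to_a = deque(b_start())
    while to_a or to_b:
        if to_b:
            to_a.extend(b.receive(to_b.popleft()))
        if to_a:
            to_b.extend(a.receive(to_a.popleft()))
    return a.history, b.history


def three_way_handshake():
    """A connect()s, B listen()s: the asymmetric case."""
    a, b = TcpEndpoint("A"), TcpEndpoint("B")
    return run(a, b, a.active_open, b.passive_open)


def simultaneous_open():
    """Both sides connect() to each other; nobody ever listens."""
    a, b = TcpEndpoint("A"), TcpEndpoint("B")
    return run(a, b, a.active_open, b.active_open)


def handshake_roles(a_hist, b_hist):
    """Role rule from the reply above: the side that sat in LISTEN is the
    server. If neither did (simultaneous open), both already knew whom they
    were connecting to, so both are treated as servers."""
    a_listened = "LISTEN" in a_hist
    b_listened = "LISTEN" in b_hist
    if a_listened and b_listened:
        raise ValueError("two listeners never complete a handshake")
    if a_listened:
        return ("server", "client")
    if b_listened:
        return ("client", "server")
    return ("server", "server")


if __name__ == "__main__":
    for label, scenario in (("three-way", three_way_handshake),
                            ("simultaneous", simultaneous_open)):
        a_hist, b_hist = scenario()
        print(label, a_hist, b_hist, handshake_roles(a_hist, b_hist))
```

Running it shows the point of the exchange: in the three-way handshake the state histories differ (only B passes through LISTEN), while in the simultaneous open both endpoints trace CLOSED, SYN_SENT, SYN_RECEIVED, ESTABLISHED and the role rule has no listener to single out.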