IETF Logo Mail Archive

Re: [tcpinc] Revised version of TCP-ENO

dm-list-tcpcrypt@scs.stanford.edu Fri, 14 August 2015 18:30 UTC

Return-Path: <dm-list-tcpcrypt@scs.stanford.edu>
X-Original-To: tcpinc@ietfa.amsl.com
Delivered-To: tcpinc@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 995CF1A0371 for <tcpinc@ietfa.amsl.com>; Fri, 14 Aug 2015 11:30:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.91
X-Spam-Level:
X-Spam-Status: No, score=-0.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=1, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id N2vdqcEeiDWI for <tcpinc@ietfa.amsl.com>; Fri, 14 Aug 2015 11:30:32 -0700 (PDT)
Received: from market.scs.stanford.edu (www.scs.stanford.edu [IPv6:2001:470:806d:1::9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DE7F31A0370 for <tcpinc@ietf.org>; Fri, 14 Aug 2015 11:30:32 -0700 (PDT)
Received: from market.scs.stanford.edu (localhost.scs.stanford.edu [127.0.0.1]) by market.scs.stanford.edu (8.14.7/8.14.7) with ESMTP id t7EIUVli030583; Fri, 14 Aug 2015 11:30:31 -0700 (PDT)
Received: (from dm@localhost) by market.scs.stanford.edu (8.14.7/8.14.7/Submit) id t7EIUVNO029771; Fri, 14 Aug 2015 11:30:31 -0700 (PDT)
X-Authentication-Warning: market.scs.stanford.edu: dm set sender to dm-list-tcpcrypt@scs.stanford.edu using -f
From: dm-list-tcpcrypt@scs.stanford.edu
To: Martin Thomson <martin.thomson@gmail.com>
In-Reply-To: <CABkgnnXo67ZM9Qa0-rHdNty1ewaGnn8G30Fn2WQZh6fh9-0KvA@mail.gmail.com>
References: <87pp2vqplu.fsf@ta.scs.stanford.edu> <CAJU8_nXAHhf6dqqs0gUEGz49bG7YUO1qaGwaLm04+vstPTyfWg@mail.gmail.com> <87h9o4rqwz.fsf@ta.scs.stanford.edu> <874mk2kj56.fsf@alice.fifthhorseman.net> <CAJU8_nVcDmCw-0KYviJ5GWZL+-YcCg3wLMJqpkuh=iN8RppA+A@mail.gmail.com> <87y4hej2vf.fsf@alice.fifthhorseman.net> <87egj67sac.fsf@ta.scs.stanford.edu> <87bnea7rr6.fsf@ta.scs.stanford.edu> <CABkgnnUF-byT2MH8mrmZJaMY2PTsspWJ8W3wJmddXdgMqGHCkQ@mail.gmail.com> <87614i7o2l.fsf@ta.scs.stanford.edu> <CABkgnnU8eeX3QV+D_g2XJqWGf9YzUZ1v-eqjg9HsioGJP8-GqQ@mail.gmail.com> <87io8hwznh.fsf@ta.scs.stanford.edu> <CABkgnnXDomgQJSiCTdxETomPB7H+n2DggZ4VX0Q8hpqvoyq=8A@mail.gmail.com> <874mk1wxs5.fsf@ta.scs.stanford.edu> <CABkgnnXo67ZM9Qa0-rHdNty1ewaGnn8G30Fn2WQZh6fh9-0KvA@mail.gmail.com>
Date: Fri, 14 Aug 2015 11:30:31 -0700
Message-ID: <87d1ypsoxk.fsf@ta.scs.stanford.edu>
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <http://mailarchive.ietf.org/arch/msg/tcpinc/3V1pInQFBtyAtfXYMPEmJtoa4So>
Cc: tcpinc <tcpinc@ietf.org>
Subject: Re: [tcpinc] Revised version of TCP-ENO
X-BeenThere: tcpinc@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discussion list for adding encryption to TCP." <tcpinc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpinc/>
List-Post: <mailto:tcpinc@ietf.org>
List-Help: <mailto:tcpinc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Aug 2015 18:30:33 -0000

Martin Thomson <martin.thomson@gmail.com> writes:

> On 14 August 2015 at 11:05, David Mazieres
> <dm-list-tcpcrypt@scs.stanford.edu> wrote:
>> If we don't specify requirements for the session ID, then applications
>> will have to be knowledgeable about what encryption spec they are using.
>> That means if we get large SYN options down the line and massively
>> optimize TCPINC, applications won't be able to take advantage of it
>> automatically.
>
>
> Sorry, I missed an important word.  I have *no* problem with
> specifying requirements; I just have a problem with specifying
> mechanism with a requirement for that mechanism.

So what is your proposal?  Do you think TCP-ENO should specify the
mechanism or the requirement?  Right now, I think the draft is written
in an attempt to specify the requirements and leave the mechanism as
open-ended as possible.  I haven't seen any ideas on how to make it more
mechanism-agnostic.  Does this mean you'd favor dispensing with the
requirements and just specifying a mechanism?

> If you look at this in the abstract, how the session ID is acquired
> and defined can (and should) be opaque to an application using this.
> At some level, the requirement you want is an API one: the application
> MUST be able to acquire an identifier that is unique for the session.

Exactly.

> Also, given the other discussion, perhaps the model in RFC 5705 is the
> right one to use: don't expose a unique id, but provide an application
> the ability to extract a value, with the limitation that it be
> specific to that application.

Well, I'd say RFC 5705 tends towards the mechanism end of the spectrum,
since it tells you exactly what to feed into your PRF.  I don't know if
we want to make such assumptions about TCP-ENO specs.

David

v2.23.0 | Report a Bug | By Email