Re: [tcpinc] WGLC for draft-ietf-tcpinc-tcpeno

Joe Touch <touch@isi.edu> Thu, 16 February 2017 06:37 UTC

From: Joe Touch <touch@isi.edu>
In-Reply-To: <16c01c14-0896-c8fd-d7c4-e1dd7254420f@mti-systems.com>
Date: Wed, 15 Feb 2017 22:37:27 -0800
Message-Id: <9C3733AA-CECC-4CAA-954E-3B6FA7F935E5@isi.edu>
References: <CAJU8_nUGxd0yo2htZg6LY_gSHy8xAjSOY9w4zKFLbVDw+CtZDg@mail.gmail.com> <16c01c14-0896-c8fd-d7c4-e1dd7254420f@mti-systems.com>
To: Wesley Eddy <wes@mti-systems.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpinc/IKhoVRkekkeqvD1Jwpo4MoStow4>
Cc: tcpinc@ietf.org
Subject: Re: [tcpinc] WGLC for draft-ietf-tcpinc-tcpeno


> On Feb 15, 2017, at 8:33 PM, Wesley Eddy <wes@mti-systems.com> wrote:
> 
> I haven't been following the WG discussions closely, so I apologize in advance if this has been beat to death ... In reviewing the present draft, section 4.7 seems awkward to me.
> 
> I think the WG should consider taking a position that data-on-SYN for TEPs should only be permitted to be sent if you have some prior indication that ENO is understood by the other end (e.g. via a cache entry from a previous connection, or other means).
> 
FWIW, I don't much care what TCPINC decides, but the decision has consequences...
> While the draft correctly says that discarding data on SYNs may already be a common practice, it seems to me that there could be two issues, including:
> 
> 1) edge cases where you're communicating with non-ENO hosts, that do not discard data on SYNs (for whatever reason), and may pollute the data stream delivered to the application, breaking the goals of TCPINC to work without impacting the application's TCP mapping
> 
> 2) cases where other TCP extensions (perhaps yet to-be-defined) do something in conflict with that data
> 
> I think it goes along with being 'conservative in what you send' to only include TEP data on the SYN if ENO is highly likely to be supported by the other side.
> 
I'd prefer to be explicit:

- if non-data info is included in the TCP SYN payload, then this mechanism MUST abort SYN-ACKs that do not confirm TCPINC participation (i.e., fallback by aborting the current connection), which defeats transparent downgrade to legacy listeners.

That rule applies to all TCP extensions, and is discussed in draft-touch-tcpm-tcp-syn-ext-opt. 

The potential for other TCP options to have conflicting interpretations for that data would need to be dealt with in each such option in the context of options defined up to that point, but that seems like an unnecessary swamp to enter.

Joe
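Added example, not code from the thread or from the TCP-ENO draft: a small Python model of the active opener's decision under the two rules discussed above, Wesley's cache-gated data-on-SYN and Joe's abort when the SYN-ACK does not confirm ENO. The ENO cache, the peer names and the SynAck class are assumptions constructed for the model.

```python
from dataclasses import dataclass, field
from enum import Enum


class Outcome(Enum):
    ENCRYPTED = "ENO confirmed; TEP data on the SYN was meaningful"
    CLEARTEXT = "legacy TCP; no TEP data was sent, so fallback is transparent"
    ABORTED = "SYN carried TEP data but SYN-ACK lacks ENO: abort with RST"


@dataclass
class SynAck:
    """Constructed model of a SYN-ACK: only the ENO confirmation matters here."""
    confirms_eno: bool


@dataclass
class ActiveOpener:
    # Hypothetical cache of peers seen to support ENO (Wesley's "prior indication").
    eno_cache: set = field(default_factory=set)
    # Wesley's rule: put TEP data on the SYN only with a prior indication of support.
    conservative: bool = True

    def data_on_syn(self, peer: str) -> bool:
        """Decide whether this SYN carries TEP data in its payload."""
        return (not self.conservative) or (peer in self.eno_cache)

    def handle_synack(self, peer: str, sent_data: bool, synack: SynAck) -> Outcome:
        if synack.confirms_eno:
            self.eno_cache.add(peer)  # remember the peer for later connections
            return Outcome.ENCRYPTED
        # Joe's rule: if the SYN payload held non-data (TEP) bytes and the peer did
        # not confirm ENO, the connection MUST be aborted. Answering with RST instead
        # of the final ACK means a legacy listener that queued the SYN data never
        # reaches ESTABLISHED, so those bytes are never delivered to its application.
        if sent_data:
            return Outcome.ABORTED
        return Outcome.CLEARTEXT


def open_connection(opener: ActiveOpener, peer: str, synack: SynAck) -> Outcome:
    """One connection attempt: build the SYN, then react to the peer's SYN-ACK."""
    sent = opener.data_on_syn(peer)
    return opener.handle_synack(peer, sent, synack)
```

With `conservative=False` every legacy peer forces an abort, which is the downgrade cost Joe describes; with the cache gate, only a cached peer that later stops confirming ENO triggers it.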



> 
> 
>> On 1/23/2017 6:15 PM, Kyle Rose wrote:
>> This is a working group last call for the "TCP-ENO: Encryption Negotiation Option" draft available at https://datatracker.ietf.org/doc/draft-ietf-tcpinc-tcpeno/. Please review the document and send your comments to the list by 2017-February-15.
>> 
>> -Kyle and David
>> 
>> 
>> 
>> _______________________________________________
>> Tcpinc mailing list
>> Tcpinc@ietf.org
>> https://www.ietf.org/mailman/listinfo/tcpinc
> 