Re: [tcpinc] Adam Roach's Yes on draft-ietf-tcpinc-tcpcrypt-09: (with COMMENT)
Adam Roach <adam@nostrum.com> Thu, 09 November 2017 15:37 UTC
Return-Path: <adam@nostrum.com>
X-Original-To: tcpinc@ietfa.amsl.com
Delivered-To: tcpinc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E04A5126CD6; Thu, 9 Nov 2017 07:37:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.879
X-Spam-Level:
X-Spam-Status: No, score=-1.879 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sHAwAEjdk5Cc; Thu, 9 Nov 2017 07:37:18 -0800 (PST)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 35DE7127201; Thu, 9 Nov 2017 07:37:16 -0800 (PST)
Received: from Orochi.local (ip-64-134-152-80.public.wayport.net [64.134.152.80]) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id vA9FbBQP061270 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Thu, 9 Nov 2017 09:37:12 -0600 (CST) (envelope-from adam@nostrum.com)
X-Authentication-Warning: raven.nostrum.com: Host ip-64-134-152-80.public.wayport.net [64.134.152.80] claimed to be Orochi.local
To: Kyle Rose <krose@krose.org>
Cc: "Mirja Kuehlewind (IETF)" <ietf@kuehlewind.net>, The IESG <iesg@ietf.org>, tcpinc <tcpinc@ietf.org>, tcpinc-chairs@ietf.org, draft-ietf-tcpinc-tcpcrypt@ietf.org
References: <151018832684.17229.17081270342741352337.idtracker@ietfa.amsl.com> <2E9FA28D-CCE3-4F4D-A25A-976543A70C03@kuehlewind.net> <e674acae-925e-10e7-b473-46629452d0a2@nostrum.com> <CAJU8_nXRGk2ao2A=pjuqBoGWADg0+e9iEAdSgHfSnASHzBFsJw@mail.gmail.com>
From: Adam Roach <adam@nostrum.com>
Message-ID: <2b941a77-bf43-6855-6dbd-b988babdcec9@nostrum.com>
Date: Thu, 09 Nov 2017 09:37:06 -0600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:52.0) Gecko/20100101 Thunderbird/52.4.0
MIME-Version: 1.0
In-Reply-To: <CAJU8_nXRGk2ao2A=pjuqBoGWADg0+e9iEAdSgHfSnASHzBFsJw@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpinc/IeI8IYhcTdQzxHhBCpfnbaA19oE>
Subject: Re: [tcpinc] Adam Roach's Yes on draft-ietf-tcpinc-tcpcrypt-09: (with COMMENT)
X-BeenThere: tcpinc@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Working group mailing list for TCP Increased Security \(tcpinc\)" <tcpinc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpinc/>
List-Post: <mailto:tcpinc@ietf.org>
List-Help: <mailto:tcpinc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Nov 2017 15:37:20 -0000
On 11/9/17 08:16, Kyle Rose wrote: > On Thu, Nov 9, 2017 at 10:11 AM, Adam Roach <adam@nostrum.com> wrote: >> On 11/8/17 19:45, Mirja Kuehlewind (IETF) wrote: >>> That’s not true. This is to cover the case where the packet got corrupted on >>> the path, thus hopefully the retransmission will decrypt correctly. >> So, to be clear, you're talking about packet corruption that happens to >> produce a valid checksum, right? If that's the reasoning here, the authors >> probably want to include that rationale in the document. > Mirja's is my interpretation, as well. > > Off-path attackers wouldn't be able to sent segments with the right > sequence number with high probability, so it's unlikely that this is a > DoS vector; but giving implementations the option of simply dropping > segments for which the authenticity check fails is not likely to cause > recurring timeout problems for correct implementations. Yes, and you're giving implementors options here without really explaining why -- which means they're probably just going to pick one randomly. Adding text that gives some notion about why one might choose one option over the other would allow them to make an informed choice rather than a random one. Again, this remains a suggestion and not a blocking comment. You can feel free to proceed with the document as-is. /a
- [tcpinc] Adam Roach's Yes on draft-ietf-tcpinc-tc… Adam Roach
- Re: [tcpinc] Adam Roach's Yes on draft-ietf-tcpin… Mirja Kuehlewind (IETF)
- Re: [tcpinc] Adam Roach's Yes on draft-ietf-tcpin… Adam Roach
- Re: [tcpinc] Adam Roach's Yes on draft-ietf-tcpin… Mirja Kuehlewind (IETF)
- Re: [tcpinc] Adam Roach's Yes on draft-ietf-tcpin… Kyle Rose
- Re: [tcpinc] Adam Roach's Yes on draft-ietf-tcpin… Adam Roach
- Re: [tcpinc] Adam Roach's Yes on draft-ietf-tcpin… Daniel B Giffin
- Re: [tcpinc] Adam Roach's Yes on draft-ietf-tcpin… Daniel B Giffin
- Re: [tcpinc] Adam Roach's Yes on draft-ietf-tcpin… Adam Roach
- Re: [tcpinc] Adam Roach's Yes on draft-ietf-tcpin… Adam Roach