IETF Logo Mail Archive

Re: [tcpinc] TCP's treatment of data in SYN packets

David Mazieres <dm-list-tcpcrypt@scs.stanford.edu> Sat, 30 July 2016 17:20 UTC

Return-Path: <dm-list-tcpcrypt@scs.stanford.edu>
X-Original-To: tcpinc@ietfa.amsl.com
Delivered-To: tcpinc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D414712D0B7 for <tcpinc@ietfa.amsl.com>; Sat, 30 Jul 2016 10:20:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.188
X-Spam-Level:
X-Spam-Status: No, score=-2.188 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, RP_MATCHES_RCVD=-1.287, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0YDYiWsOvLmo for <tcpinc@ietfa.amsl.com>; Sat, 30 Jul 2016 10:20:40 -0700 (PDT)
Received: from market.scs.stanford.edu (www.scs.stanford.edu [IPv6:2001:470:806d:1::9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 11ADE12B024 for <tcpinc@ietf.org>; Sat, 30 Jul 2016 10:20:40 -0700 (PDT)
Received: from market.scs.stanford.edu (localhost.scs.stanford.edu [127.0.0.1]) by market.scs.stanford.edu (8.14.7/8.14.7) with ESMTP id u6UHKd6R025745; Sat, 30 Jul 2016 10:20:39 -0700 (PDT)
Received: (from dm@localhost) by market.scs.stanford.edu (8.14.7/8.14.7/Submit) id u6UHKd8p022262; Sat, 30 Jul 2016 10:20:39 -0700 (PDT)
X-Authentication-Warning: market.scs.stanford.edu: dm set sender to dm-list-tcpcrypt@scs.stanford.edu using -f
From: David Mazieres <dm-list-tcpcrypt@scs.stanford.edu>
To: Jeremy Harris <jgh@wizmail.org>, tcpinc@ietf.org
In-Reply-To: <adcaa33a-3bf5-e63a-bd19-fd165b16aa7d@wizmail.org>
References: <CAJU8_nU1WzQNFFUn_2o1cACutB01iyQ_hC29PHoutr8TRDKGnA@mail.gmail.com> <579A4669.7030600@isi.edu> <87lh0lselg.fsf@ta.scs.stanford.edu> <CAJU8_nUPrm9JJMrrMbL5+FpP-9CKC6EkidCry9UuZA5ZfyJtoA@mail.gmail.com> <579A8223.8050308@isi.edu> <CAJU8_nXSxr7ykC1TwptBmyP8pNccz52ozq=hF7-EYiaMdDeLBQ@mail.gmail.com> <579BA470.3000405@isi.edu> <CAJU8_nXjhHH1eEXPA3hvhJ3YXsP_v2djGX=X2p9+wyn767Hm5A@mail.gmail.com> <adcaa33a-3bf5-e63a-bd19-fd165b16aa7d@wizmail.org>
Date: Sat, 30 Jul 2016 10:20:39 -0700
Message-ID: <87oa5fniu0.fsf@ta.scs.stanford.edu>
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpinc/MQOXLgTiovUAC_HnqqR-lZqyr5o>
Subject: Re: [tcpinc] TCP's treatment of data in SYN packets
X-BeenThere: tcpinc@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: David Mazieres expires 2016-10-28 PDT <mazieres-w8vwfda4x45f6hskja9am3c3j6@temporary-address.scs.stanford.edu>
List-Id: "Discussion list for adding encryption to TCP." <tcpinc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpinc/>
List-Post: <mailto:tcpinc@ietf.org>
List-Help: <mailto:tcpinc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 30 Jul 2016 17:20:41 -0000

Jeremy Harris <jgh@wizmail.org> writes:

> On 29/07/16 20:41, Kyle Rose wrote:
>> Right, I get that for interoperability with ENO-unaware stacks there is no
>> way to change data presented in the SYN. In the case where both ends
>> understand ENO but the server is not negotiating it, we can define TCP SYN
>> payload semantics differently: essentially, when there is an ENO option in
>> the SYN, an ENO-aware server will do one of two things:
> [...]
>> (2) If it is not negotiating ENO, it will not ACK the data, and will in
>> fact throw it away and explicitly permit transmission of *different* data
>> for the same sequence number range.
>
> I don't think so.  Whatever the client is, if the server is not showing
> support for different behaviour then the client must assume a standards
> TCP-implementing server, meaning that any data sent cannot be altered
> in a retransmission.  That applies whether or not the _initial_ ack for
> a SYN-with-data acks that data; even if it did not, a later one might.
>
> Unless you're dividing signalling of ENO-aware from ENO-negotiating?

No one is suggesting sending data in a SYN segment to a server that does
not support ENO.  In fact, no one is even suggesting sending data in a
SYN segment.  All we want is a minimum specification of what you do if
you receive such data, so that people can capitalize on it in the
future.  The proposal currently on the table is that you do whatever the
data TEP/negotiated TEP says, and if that TEP doesn't say anything, then
you discard the data and don't ACK it.  Moreover, we are saying that
even TEPs that support SYN data shouldn't send any unless requested to
do so by the application or unless they know it won't lead to connection
failure (through some future mechanism we don't currently anticipate).

The long-term plan here is to secure 100% of TCP traffic that isn't
secured by some other protocol such as TLS or SSH.  To get better than
opportunistic encryption, there needs to be logic in applications or
middleware to abort TCP connections that are not properly authenticated.
That logic may well want to permit SYN data, since it will scuttle a
non-ENO connection anyway.  Yes, this is very, very far in the future.
But if the TCPINC working group is successful, then the documents we are
working on today could be relevant in 10-20 years.  So without doing
anything to break TCP today, we want to ease the path to a more secure
Internet without trying to predict the future.  And mandating no
buffering of discarded SYN data is a good way to do that...

Incidentally, this discussion makes me think we need a section of the
non-normative rationale section on SYN data as well...

David

v2.37.1 | Report a Bug | By Email | System Status