Re: [tcpinc] AD review of tcp-eno

"Mirja Kuehlewind (IETF)" <> Thu, 27 July 2017 13:14 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 1FBF0131C82 for <>; Thu, 27 Jul 2017 06:14:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: (amavisd-new); domainkeys=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id k_IP8vtRvUTH for <>; Thu, 27 Jul 2017 06:14:47 -0700 (PDT)
Received: from ( []) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 54E39132147 for <>; Thu, 27 Jul 2017 06:14:44 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default;; b=lVuinHTQKHKXB4+eh6Psa7sSZm2blHNwffJrreITv1Syx6SJKgXkbqU0qnnI2/9J1KRAKGc9qTvNqoE0q9/o3UFiN8Ftk2NJqdgoTwL/RGx1JTOQHxlgR4rMkWWiggDeWc/wFit5RbDv4KK0bc0qS6UW6TfUxFwrnMv6RpzKf0E=; h=Received:Received:Content-Type:Mime-Version:Subject:From:In-Reply-To:Date:Cc:Content-Transfer-Encoding:Message-Id:References:To:X-Mailer:X-PPP-Message-ID:X-PPP-Vhost;
Received: (qmail 9871 invoked from network); 27 Jul 2017 15:14:41 +0200
Received: from (HELO ? ( by with ESMTPSA (DHE-RSA-AES256-SHA encrypted, authenticated); 27 Jul 2017 15:14:41 +0200
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
From: "Mirja Kuehlewind (IETF)" <>
In-Reply-To: <>
Date: Thu, 27 Jul 2017 15:14:40 +0200
Cc: tcpinc <>
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <>
X-Mailer: Apple Mail (2.3273)
X-PPP-Message-ID: <>
Archived-At: <>
Subject: Re: [tcpinc] AD review of tcp-eno
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Working group mailing list for TCP Increased Security \(tcpinc\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 27 Jul 2017 13:14:49 -0000

Resending because I just realized I forgot to cc the list…

> Am 26.07.2017 um 19:06 schrieb Mirja Kühlewind <>:
> Hi all,
> thanks for this very well written document and detailed shepherd write-up!
> I’m afraid we need a new revision before IETF Last Call because the RFC should only specify the actually TCP option and not the experimental one. So you can simply remove the experimental one in Figure 1, 2 and 3 (as well as sec 4.8) and only note in the IANA section that this experimental assignment also exists, as it is already done.
> Other minor comments:
> 1) I would recommend to switch the last to paragraphs in section 4.5; I think that helps understanding.
> 2) I’m wondering if it would make sense to specify at the beginning of section 4.7 another requirement that TEPs SHOULD only specify the use of SYN data if there is some a-priori knowledge that the other end is likely to support tcp-eno and the tep (e.g. due to previous successful connections aka session resumption, or application knowledge).
> 3) Sec 4.8 does not really specify what to do with the transcript. I guess that’s TEP specific but it sounds like there should be a requirement stated that a TEP has to check this or abort the connection…?
> 4) sec 5:
> s/TEPs MUST protect TCP data streams with authenticated encryption./TEPs MUST protect TCP data streams with unauthenticated encryption./ ? Or do you mean must support both, authenticated and unauthenticated?
> 5) section 6: Maybe
> "Figure 9 shows a three-way handshake with a successful TCP-ENO
>   negotiation.  The two sides agree to follow the TEP identified by
>   suboption Y.“
> "Figure 9 shows a three-way handshake with a successful TCP-ENO
>   negotiation. Host A includes two ENO suboptions with TEP identifiers X and Y. 
>   The two sides agree to follow the TEP identified by suboption Y.“ 
> 6) Also looking at the example in Figure 11, I have to say that the spec does not clearly state anywhere that the first ACK has to have a ENO option (it’s only mention implicitly somewhere). Maybe that can be spelled out more clearly (in section 4.6)?
> 7) Also based on this example. I guess it’s also possible that a middlebox does not strip the options in the SYN packets but only in the ACK. In this case host A would send encrypted data and host B would think they are not encrypted and deliver garbage to the application. I’m not sure how to avoid or even detect such a case but maybe it’s still good to mention this somewhere…?
> 8) section 7.2: The following is a normative requirement thats should be stated normatively (MUST) somewhere in the main part of the specification:
> "To stay robust in the face of dropped segments, hosts must continue
>   to include non-SYN form ENO options in segments until such point as
>   they have received a non-SYN segment from the other side.“
> 9) I would recommend to move 7.1 into an own section (not as part of section 7 on rational), or maybe rather as a subsection of section 8.
> 10) From reading the text in the IANA section, I believe you rather what „RFC required“ as a policy (see Early allocation are always possible and does not need to be noted separately (see
> 11) Do you want to specially note Andrea’s contribution to this work in the acknowledgements?
> 12) RFC5226 (now RFC8126), RFC6994 (after removing the exp option from the body of the doc), and RFC7413 do not need to be normative references. Please move to informative.
> 12) Finally, two tiny things from the nits check:
> - There shouldn’t be reference in the abstract. You can just remove it; TLS is well known. You may want to add it in section 7.1 instead.
> - RFC 5226 is obsolete
> Both could be fixed by the editor but as you anyway have to make a new revision, so you can fix these as well.
> Thanks!
> Mirja