Re: [tcpinc] TCP Stealth - possible interest to the WG
Jacob Appelbaum <jacob@appelbaum.net> Mon, 18 August 2014 12:50 UTC
Return-Path: <jacob@appelbaum.net>
X-Original-To: tcpinc@ietfa.amsl.com
Delivered-To: tcpinc@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 717111A030A for <tcpinc@ietfa.amsl.com>; Mon, 18 Aug 2014 05:50:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level:
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-0.7] autolearn=unavailable
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SdZJaKX0kMw7 for <tcpinc@ietfa.amsl.com>; Mon, 18 Aug 2014 05:50:13 -0700 (PDT)
Received: from mail-qc0-f174.google.com (mail-qc0-f174.google.com [209.85.216.174]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C3A6C1A02E6 for <tcpinc@ietf.org>; Mon, 18 Aug 2014 05:50:13 -0700 (PDT)
Received: by mail-qc0-f174.google.com with SMTP id l6so4697122qcy.33 for <tcpinc@ietf.org>; Mon, 18 Aug 2014 05:50:13 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=d8cWmGMJ3AK25gShJKg+TRVm0wHr1u5C/+KBA8dDrAY=; b=D1eCzUL87tZRM1rzEgHKBIV7W6p/MvR9sgF2sHpK2q0tVBzmT4VePES+N5cfgY2Pmn boL/UWALlkJCiIRT01tWexLIIyactUft+8z0SXVPcYJkiV4FOzlSCF0U8fW2+cxCOG0d /xhAVBxZHE35hXOGwX/8JYoVamp6kvtckf4/RKyz1JqsLCkEHwpPpz98EFTO0N753kqN AnquuhtGFJOvvKdndmXvLmyOzbfLXtWoaR2JzyHW0qFfmfTdLjjojeky4VupNK7PNCju oPfWyf48uN1RpOSKfgzvjpfaajtSWEVFLY4VJ9ZxY1B/Khu9Hlsbm6gXHfaeazF0WMVp Yc5g==
X-Gm-Message-State: ALoCoQk01aZw7L55a5AsC58vYes2LwNy39PMSfPFT/ei2WUe6pNsU7w9AiK93AMiGnONt5xSSwl6
MIME-Version: 1.0
X-Received: by 10.224.138.8 with SMTP id y8mr56065733qat.38.1408366212961; Mon, 18 Aug 2014 05:50:12 -0700 (PDT)
Received: by 10.140.91.50 with HTTP; Mon, 18 Aug 2014 05:50:12 -0700 (PDT)
X-Originating-IP: [192.155.86.99]
In-Reply-To: <ecdbe694b6964c159f64b1d3311c8cc6@hioexcmbx02-prd.hq.netapp.com>
References: <ecdbe694b6964c159f64b1d3311c8cc6@hioexcmbx02-prd.hq.netapp.com>
Date: Mon, 18 Aug 2014 12:50:12 +0000
Message-ID: <CAFggDF2jhQPz0Eez=AU9M-k862wD_=VSyVpXtRAjT4zC6H4tgA@mail.gmail.com>
From: Jacob Appelbaum <jacob@appelbaum.net>
To: "Scheffenegger, Richard" <rs@netapp.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/tcpinc/m7_Lov17Ayy8qP4TcVQAKr6sR8A
Cc: Wesley Eddy <wes@mti-systems.com>, Christian Grothoff <christian@grothoff.org>, "tcpinc@ietf.org" <tcpinc@ietf.org>, "tcpm (tcpm@ietf.org)" <tcpm@ietf.org>, Joe Touch <touch@isi.edu>
Subject: Re: [tcpinc] TCP Stealth - possible interest to the WG
X-BeenThere: tcpinc@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discussion list for adding encryption to TCP." <tcpinc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpinc/>
List-Post: <mailto:tcpinc@ietf.org>
List-Help: <mailto:tcpinc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Aug 2014 12:50:15 -0000
On 8/15/14, Scheffenegger, Richard <rs@netapp.com> wrote: > Hi, > > I just learned about an individual submission, which is probably of interest > not only to the members of these two WGs; > > http://tools.ietf.org/html/draft-kirsch-ietf-tcp-stealth-00 > Hi, I'm one of the authors of the draft and I've cc'ed Christian who has been one of the driving forces behind the draft. > > On a first, casual glance, I am wondering if the authors have realized all > the implications of their suggestion; > This article we wrote may be of interest to you: http://www.heise.de/ct/artikel/NSA-GCHQ-The-HACIENDA-Program-for-Internet-Colonization-2292681.html (English) http://www.heise.de/ct/artikel/NSA-GCHQ-Das-HACIENDA-Programm-zur-Kolonisierung-des-Internet-2292574.html (German) > There seem to be at least two or three major issues that compromise either > the working and stability of TCP, or work against the intended > "stealthieness" of this modification (making it easy for an attacker to > identify such sessions, provided he is able to actively interfere with > segments in transit (ie. cause certain segments to be dropped). Could you expand on these thoughts a bit? > Nevertheless, it might be beneficial to discuss the generic idea in a wider > forum, among brighter minds than me. Thanks for bringing it up! All the best, Jacob
- [tcpinc] TCP Stealth - possible interest to the WG Scheffenegger, Richard
- Re: [tcpinc] TCP Stealth - possible interest to t… Jacob Appelbaum
- Re: [tcpinc] TCP Stealth - possible interest to t… Alfie John
- Re: [tcpinc] TCP Stealth - possible interest to t… Scheffenegger, Richard
- Re: [tcpinc] TCP Stealth - possible interest to t… Alfie John
- Re: [tcpinc] [tcpm] TCP Stealth - possible intere… Jacob Appelbaum
- Re: [tcpinc] [tcpm] TCP Stealth - possible intere… Scheffenegger, Richard
- Re: [tcpinc] [tcpm] TCP Stealth - possible intere… Jacob Appelbaum
- Re: [tcpinc] TCP Stealth - possible interest to t… Yoshifumi Nishida
- Re: [tcpinc] [tcpm] TCP Stealth - possible intere… Scheffenegger, Richard
- Re: [tcpinc] [tcpm] TCP Stealth - possible intere… Scheffenegger, Richard
- Re: [tcpinc] [tcpm] TCP Stealth - possible intere… Scheffenegger, Richard
- Re: [tcpinc] [tcpm] TCP Stealth - possible intere… Jacob Appelbaum
- Re: [tcpinc] [tcpm] TCP Stealth - possible intere… Jacob Appelbaum
- Re: [tcpinc] [tcpm] TCP Stealth - possible intere… Alfie John
- Re: [tcpinc] TCP Stealth - possible interest to t… Joe Touch
- Re: [tcpinc] TCP Stealth - possible interest to t… Joe Touch