Re: [tcpm] tcp-security: Request for feedback on the outline of the document
Joe Touch <touch@ISI.EDU> Thu, 20 August 2009 18:19 UTC
To: Fernando Gont <fernando@gont.com.ar>
Cc: "tcpm-chairs@tools.ietf.org" <tcpm-chairs@tools.ietf.org>, "tcpm@ietf.org" <tcpm@ietf.org>

Fernando Gont wrote:
> Folks,
>
> As mentioned by David Borman, draft-gont-tcp-security has been adopted
> as a wg item. It has been resubmitted as draft-ietf-tcpm-tcp-security, now.
>
> I'd like to receive feedback on the outline of the document, i.e.,
> whether you like the outline as-is or you think it should be modified.

I'll start with the observation that the WG approved an outline as the
WG starting point. The current doc has a few sections that are not an
outline; they should be omitted until we agree as a WG on their content.
This includes:

    1.1
    2.
    3.
    3.1
    3.1.1
    3.6.7

An exception would be only Sec 1.2, which is scoping the doc, and
providing a list of RFCs that might be relevant.

It seems useful to step back to the highest level of the outline.
Excepting required sections, they are:

    1 intro
    2 scope
    3 header fields
    4 common options
    5 connection establishment
    6 connection termination
    7 buffer management
    8 reassembly
    9 cong control
    10 API
    11 blind in-window attacks
    12 info leaking
    13 covert channels
    14 port scanning
    15 ICMP
    16 IP

It's not clear why 4 isn't part of 3, why 5 and 6 are separate, etc.

Overall, it'd be useful to have a more conventional structure:

    1 intro
        including scope

    2 background - to introduce terminology
        a) breakdown of TCP into:
            control
            data
            performance
            implementation
        b) threat model
            briefly explain attacks:
            - on-path vs. off-path
            - control vs. data vs. performance
            - injection vs. DOS

Then it'd be useful to break down TCP into its component parts, as
introduced in 2a:

    3 control attacks
        header fields
        option fields
        connection establishment
        connection termination
        port scanning

    4 data attacks
        injection
        info leaking

    5 performance
        cong control / ACK attacks
        reassy attacks

    6 implementation issues
        performance, e.g., SYN cookies, buffer mgt.
        API, IP interface issues

    7 security considerations
        this can be used as a catchall for items that
        don't fit as directly above and aren't specific
        to TCP, e.g., covert channel issues, info leaking
        etc.

IMO, this presents the info in a way that is still organized for
implementers, but structures it in a way that the info can be more
easily located when needed.

Joe