Re: [tcpm] Feedback request on draft-ietf-tcpm-tcp-security

<L.Wood@surrey.ac.uk> Mon, 01 March 2010 23:23 UTC

Return-Path: <L.Wood@surrey.ac.uk>
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F1ED03A8894 for <tcpm@core3.amsl.com>; Mon, 1 Mar 2010 15:23:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OlRKQnFuydxj for <tcpm@core3.amsl.com>; Mon, 1 Mar 2010 15:23:41 -0800 (PST)
Received: from mail83.messagelabs.com (mail83.messagelabs.com [195.245.231.83]) by core3.amsl.com (Postfix) with ESMTP id AFDB93A8881 for <tcpm@ietf.org>; Mon, 1 Mar 2010 15:23:40 -0800 (PST)
X-VirusChecked: Checked
X-Env-Sender: L.Wood@surrey.ac.uk
X-Msg-Ref: server-14.tower-83.messagelabs.com!1267485819!25708713!1
X-StarScan-Version: 6.2.4; banners=-,-,-
X-Originating-IP: [131.227.200.35]
Received: (qmail 30082 invoked from network); 1 Mar 2010 23:23:39 -0000
Received: from unknown (HELO EXHT021P.surrey.ac.uk) (131.227.200.35) by server-14.tower-83.messagelabs.com with AES128-SHA encrypted SMTP; 1 Mar 2010 23:23:39 -0000
Received: from EXMB01CMS.surrey.ac.uk ([169.254.1.49]) by EXHT021P.surrey.ac.uk ([131.227.200.35]) with mapi; Mon, 1 Mar 2010 23:23:39 +0000
From: <L.Wood@surrey.ac.uk>
To: <wesley.m.eddy@nasa.gov>
Date: Mon, 1 Mar 2010 23:23:37 +0000
Thread-Topic: [tcpm] Feedback request on draft-ietf-tcpm-tcp-security
Thread-Index: Acq5ljjzwMHiCigIRsStzG4eSnQdyQ==
Message-ID: <FC9BFC61-3E19-48D8-A7A7-505EC0836410@surrey.ac.uk>
References: <4B7F2881.7000700@gont.com.ar> <C304DB494AC0C04C87C6A6E2FF5603DB47DE76AE73@NDJSSCC01.ndc.nasa.gov>
In-Reply-To: <C304DB494AC0C04C87C6A6E2FF5603DB47DE76AE73@NDJSSCC01.ndc.nasa.gov>
Accept-Language: en-US, en-GB
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US, en-GB
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: tcpm@ietf.org, fernando@gont.com.ar, L.Wood@surrey.ac.uk
Subject: Re: [tcpm] Feedback request on draft-ietf-tcpm-tcp-security
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Mar 2010 23:23:42 -0000

On 1 Mar 2010, at 06:23, Eddy, Wesley M. (GRC-MS00)[ASRC AEROSPACE CORP] wrote:

> The paragraph beginning with "This document is the result of a security assessment of the IETF specifications of the Transmission Control Protocol (TCP), from a security point of view.  Possible threats are identified and, where possible, countermeasures are proposed." should be replaced with something to the effect of "This document captures the best current practices in implementation, configuration, and use of TCP and its supporting protocols and extensions and has been produced by the IETF's TCP Maintenance and Minor Extensions Working Group (TCPM)."

Surely, "has been roadblocked and nitpicked to death at every possible opportunity by the TCP Maintenance and Minor Extensions Working Group (TCPM), so that this document is a shadow of its former self, but has now been edited and reworked sufficiently to give TCPM the necessary sense of ownership, dominance and authorship to permit the document to proceed." ?

This group's work is no longer about TCP, but about bad document re-re-re-re-re-writing; not something I'd have the patience for, and if I was the primary originating author I'd have moved on to more satisfying things long ago.

Sorry, I'm with Alfred. His assessment of this group is correct.

I'd insist on including a reference to the original CPNI security assessment document.

L.

Lloyd Wood
L.Wood@surrey.ac.uk
http://sat-net.com/L.Wood