IETF Logo Mail Archive

Re: Summary of responses so far and proposal moving forward[WasRe:[tcpm] Is this a problem?]

Joe Touch <touch@isi.edu> Mon, 03 December 2007 05:57 UTC

Return-path: <tcpm-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Iz4Ii-0002EG-Em; Mon, 03 Dec 2007 00:57:04 -0500
Received: from tcpm by megatron.ietf.org with local (Exim 4.43) id 1Iz4Ih-0002D4-Q3 for tcpm-confirm+ok@megatron.ietf.org; Mon, 03 Dec 2007 00:57:03 -0500
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Iz4Ih-0002Ap-EB for tcpm@ietf.org; Mon, 03 Dec 2007 00:57:03 -0500
Received: from mail.globalsuite.net ([69.46.103.200]) by chiedprmail1.ietf.org with smtp (Exim 4.43) id 1Iz4Ig-0005QT-UV for tcpm@ietf.org; Mon, 03 Dec 2007 00:57:03 -0500
X-AuditID: c0a8013c-aef25bb000001e2e-3b-47539aaca235
Received: from [198.18.174.153] (unknown [207.236.117.226]) by mail.globalsuite.net (Symantec Mail Security) with ESMTP id 56B584DC007; Sun, 2 Dec 2007 22:56:54 -0700 (MST)
Message-ID: <47539A8B.8080708@isi.edu>
Date: Sun, 02 Dec 2007 21:56:27 -0800
From: Joe Touch <touch@isi.edu>
User-Agent: Thunderbird 2.0.0.9 (Windows/20071031)
MIME-Version: 1.0
To: MURALI BASHYAM <murali_bashyam@yahoo.com>
Subject: Re: Summary of responses so far and proposal moving forward[WasRe:[tcpm] Is this a problem?]
References: <190369.62707.qm@web31711.mail.mud.yahoo.com>
In-Reply-To: <190369.62707.qm@web31711.mail.mud.yahoo.com>
X-Enigmail-Version: 0.95.5
X-Brightmail-Tracker: AAAAAA==
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 82c9bddb247d9ba4471160a9a865a5f3
Cc: Anantha Ramaiah <ananth@cisco.com>, TCP Maintenance and Minor Extensions WG <tcpm@ietf.org>, David Borman <david.borman@windriver.com>
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1961566466=="
Errors-To: tcpm-bounces@ietf.org


MURALI BASHYAM wrote:
...
>>> when we all agree that it's a protocol vulnerability being
>> exploited
>>
>  by the attacker. 
>> We never agreed to that; in fact, many of us feel that this is a
>> protocol feature that you have shown an artificial attack against which
>> is not necessarily more of a vulnerability than many other attacks
>> against other TCP features.
> 
> Explain to me specifically and clearly what the INDEFINITE wait in
> that ZWP state buys for the protocol or the application. Emphasis on the
> word INDEFINITE, i.e your arguments cannot relying on using a finite
> value to limit that duration. We know what its fallouts are. Where is
> the justification for making it INDEFINITE? The document doesn't give me
> enough justification for why it made that decision.

We've explained the reason for indefinite ZWP multiple times. To repeat
it here, TCP is allowed - explicitly - to permit the receiving
application to stall the transfer of data until its application is ready
to receive it. There is no limit on how long that can take; that has
been already described as a *feature* of TCP on this list.

You may disagree with this reason. However, the burden of proof of why
this is NOT appropriate is on you, since the above is how TCP is already
designed, and it is you who consider this an issue.

joe


_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www1.ietf.org/mailman/listinfo/tcpm

v2.23.0 | Report a Bug | By Email