Re: [tcpm] TCP Connection ID

Joseph Touch <touch@strayalpha.com> Wed, 20 May 2020 17:52 UTC

From: Joseph Touch <touch@strayalpha.com>
In-Reply-To: <@localhost>
Date: Wed, 20 May 2020 10:52:48 -0700
Cc: Jonathan Morton <chromatix99@gmail.com>, Alexander Azimov <a.e.azimov@gmail.com>, tcpm <tcpm@ietf.org>
Message-Id: <8586FD82-CE31-4A28-BF98-B89C97300DA8@strayalpha.com>
References: <CAEGSd=DQwj_XbpxCz=7GYTgzjGM=ARqgw3oG58_Y9hbNZpPPrQ@mail.gmail.com> <CAEGSd=BrgqFrZVexkKhvYr2Yeu-B2Gyde7aYevPqTr8MzWQs4A@mail.gmail.com> <F9052E4F-16BB-4F22-8AAB-FED5CF7FD365@gmail.com> <@localhost>
To: cait <cait@asomi.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/6EEo43rPo4OR3uvBHtio7s6dEg8>
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>

Right - I think that if RFC7974 doesn’t work for you, you’ll need to provide a much more precise description of what you’re seeking.

From your description below, it’s not a connection ID you want; you really seem to be re-inventing cookies (something that lets the server re-establish state with a client BETWEEN connections, not just within one), and you want that cookie to govern how the middle box works.

Good luck with that. I think any decent security mechanism would (or should) prevent that.

Joe

> On May 20, 2020, at 10:32 AM, cait <cait@asomi.com> wrote:
> 
> Read the caveats in the RFC that Joe cited. How would a server-chosen direct index fare any better than client-selected?
> 
> 
> 
>> On May 20, 2020 at 8:08 AM, Alexander Azimov <a.e.azimov@gmail.com> wrote:
>> 
>> Hi all,
>> 
>> The email from Joe got into the spam box, so I was able to find it only after your notice. Thank you.
>> 
>> The Host Id presented in RFC7974 is a very different approach: it is a client-side id generated at the moment of the SYN which should help to distinguish different hosts behind NAT.
>> 
>> What I'm looking for is a connection id, generated at the server side and sent back with a SYN/ACK, which is then mirrored by the client. It is not meant for host identification, but it can be used for connection identification by a middlebox under the same administrative control. And there is no need to have a 1:1 map of id to server; instead, each server should use randomized ids with encryption.
>> 
>> And speaking about the IPv6 Flow Label: it's not working for IPv4, and its current implementation in Linux already has great use cases, so even in an IPv6-only world I would prefer to keep it without overloading its functions.
>> 
>> _______________________________________________
>> tcpm mailing list
>> tcpm@ietf.org
>> https://www.ietf.org/mailman/listinfo/tcpm
>> 
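The mechanism Alexander sketches above (a server-minted, randomized, encrypted connection id that the client only mirrors and that a middlebox under the same administration can interpret) is easy to misread without a concrete shape. The following is an added illustration, not code from the thread, from any RFC, or from any of its participants. It assumes a 32-bit internal index on the server, a 32-byte key shared between the server and its middlebox, and a 20-byte token carried as an opaque blob; it uses HMAC-SHA256 from the standard library both as a keystream generator and as a MAC so that it runs without third-party packages (a deployment would use a proper AEAD such as AES-GCM). The key property it shows is the one the thread argues about: a token that is only mirrored, with no key, can be copied by anyone who sees it, but it cannot be fabricated or altered by a party without the key, and a middlebox in another administrative domain learns nothing from it.

```python
"""Constructed demonstration (not from the tcpm thread): a server-minted,
randomized, encrypted TCP connection identifier that a client mirrors back
and that only a middlebox holding the same key can verify and decode."""
import hashlib
import hmac
import os
import struct
from typing import Optional

NONCE_LEN = 8   # per-token random nonce: the same index yields a different token each time
ID_LEN = 4      # the server's internal connection index (assumed 32-bit)
TAG_LEN = 8     # truncated HMAC tag; forged or tampered tokens fail here
TOKEN_LEN = NONCE_LEN + ID_LEN + TAG_LEN   # 20 bytes on the wire


def _prf(key: bytes, label: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 used as a PRF; distinct labels keep the keystream and MAC domains apart."""
    return hmac.new(key, label + data, hashlib.sha256).digest()


def issue_connection_id(key: bytes, index: int, nonce: Optional[bytes] = None) -> bytes:
    """Server side: wrap an internal index into an opaque token sent with the SYN/ACK."""
    if not 0 <= index < 2 ** 32:
        raise ValueError("index must fit in 32 bits")
    nonce = os.urandom(NONCE_LEN) if nonce is None else nonce
    if len(nonce) != NONCE_LEN:
        raise ValueError("bad nonce length")
    keystream = _prf(key, b"enc", nonce)[:ID_LEN]
    ciphertext = bytes(a ^ b for a, b in zip(struct.pack("!I", index), keystream))
    tag = _prf(key, b"mac", nonce + ciphertext)[:TAG_LEN]   # encrypt-then-MAC
    return nonce + ciphertext + tag


def client_mirror(token: bytes) -> bytes:
    """Client side: the token is opaque to the client; it is echoed unchanged."""
    return bytes(token)


def verify_connection_id(key: bytes, token: bytes) -> Optional[int]:
    """Middlebox side: return the server's index, or None if the token is not ours."""
    if len(token) != TOKEN_LEN:
        return None
    nonce = token[:NONCE_LEN]
    ciphertext = token[NONCE_LEN:NONCE_LEN + ID_LEN]
    tag = token[NONCE_LEN + ID_LEN:]
    expected = _prf(key, b"mac", nonce + ciphertext)[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        return None
    keystream = _prf(key, b"enc", nonce)[:ID_LEN]
    plain = bytes(a ^ b for a, b in zip(ciphertext, keystream))
    return struct.unpack("!I", plain)[0]


def tamper(token: bytes, pos: int) -> bytes:
    """Flip one bit of a token, to show that any modification in transit is rejected."""
    buf = bytearray(token)
    buf[pos] ^= 0x01
    return bytes(buf)


if __name__ == "__main__":
    key = os.urandom(32)                # shared by the server and its own middlebox
    first = issue_connection_id(key, 42)
    second = issue_connection_id(key, 42)
    print(first != second)                                  # True: randomized per connection
    print(verify_connection_id(key, client_mirror(first)))  # 42: recovered by the right middlebox
    print(verify_connection_id(os.urandom(32), first))      # None: other administrative domain
    print(verify_connection_id(key, tamper(first, 9)))      # None: modified in transit
```

The nonce is what makes two connections to the same backend look unrelated to an outside observer, and the tag is what lets the middlebox refuse anything it did not mint; neither property stops a client from presenting a token it legitimately received on a later connection, which is exactly why the message above calls the proposal a cookie rather than a connection id.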