IETF Logo Mail Archive

Re: [tcpm] poll for adoption of draft-gont-tcpm-tcp-timestamps-03

Joe Touch <touch@ISI.EDU> Tue, 23 March 2010 19:33 UTC

Return-Path: <touch@ISI.EDU>
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id EE3263A6984 for <tcpm@core3.amsl.com>; Tue, 23 Mar 2010 12:33:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.96
X-Spam-Level:
X-Spam-Status: No, score=0.96 tagged_above=-999 required=5 tests=[AWL=0.571, BAYES_20=-0.74, DNS_FROM_OPENWHOIS=1.13]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vTO5Enbf9Zdx for <tcpm@core3.amsl.com>; Tue, 23 Mar 2010 12:33:11 -0700 (PDT)
Received: from nitro.isi.edu (nitro.isi.edu [128.9.208.207]) by core3.amsl.com (Postfix) with ESMTP id CA3263A69D5 for <tcpm@ietf.org>; Tue, 23 Mar 2010 12:32:48 -0700 (PDT)
Received: from [130.129.28.166] (dhcp-wireless-open-abg-28-166.meeting.ietf.org [130.129.28.166]) (authenticated bits=0) by nitro.isi.edu (8.13.8/8.13.8) with ESMTP id o2NJVdNL000093 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 23 Mar 2010 12:31:40 -0700 (PDT)
Message-ID: <4BA9171A.6030804@isi.edu>
Date: Tue, 23 Mar 2010 12:31:38 -0700
From: Joe Touch <touch@ISI.EDU>
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
MIME-Version: 1.0
To: mallman@icir.org
References: <20100323190515.C7B4BBAF5D0@lawyers.icir.org>
In-Reply-To: <20100323190515.C7B4BBAF5D0@lawyers.icir.org>
X-Enigmail-Version: 0.96.0
Content-Type: multipart/signed; micalg="pgp-sha1"; protocol="application/pgp-signature"; boundary="------------enig62F5FB5ADAB1926F489C7711"
X-MailScanner-ID: o2NJVdNL000093
X-ISI-4-69-MailScanner: Found to be clean
X-MailScanner-From: touch@isi.edu
Cc: "tcpm@ietf.org" <tcpm@ietf.org>
Subject: Re: [tcpm] poll for adoption of draft-gont-tcpm-tcp-timestamps-03
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2010 19:33:12 -0000

See below...

Mark Allman wrote:
>> Yet another attempt to redefine TCP fields as providing "security".
> 
> Yeah, that's pretty bogus.
> 
> But, I don't think the rest of your argument holds much water.  In
> particular, 
> 
>   - Yeah, more state, but not a lot more state.  Yeah, more computation,
>     but not a lot more computation.  I think if moved forward this would
>     be something like a MAY or a SHOULD, not a MUST.  So, if someone had
>     a good reason (and sometimes state and computation are in short
>     supply) and they didn't want to do this, fine.
> 
>   - Perhaps the document needs clarification on the secret portion of
>     the computation, but I don't buy that this will unduly cause issues.
>     Worst case, we're where we are now---i.e., you discard SYNs until
>     the end of TIME_WAIT.  Best case, we understand that a new
>     connection is a new connection and we can truncate TIME_WAIT.
> 
> I just don't see the big worry here.  If its optionally keeping a long
> around and doing an add / packet I think that is a quite minor
> complaint. 
> 
> On the other hand, is this really *needed*?  No, absolutely not.

So then why bother? Are we in favor of just adding state and computation
to TCP?

Consider benefit vs the cost, where cost is not just state and
processing, but also specification complexity.

And it's useful to consider that this isn't the only such mod coming
down the pike. We just got done recommending random ephemeral ports. Now
we want random timestamp offsets. How much of this do we actually need,
and can we just keep it simple other than that?

> The
> client has the needed control right now in that it can just use a
> different ephemeral port for each connection.  And, unless you have some
> sort of Really Pathological Case then you're not going to need to re-use
> ephemerals often enough to hit a problem with everything being wedged in
> TIME_WAIT.  So, don't get me wrong, I won't be terribly sad to see this
> just go away.  But, it seems to me that plenty of people think its
> reasonable enough that the WG should take it on.  And, in the absence of
> any actual big issues it seems to be like that ought to be enough.

IMO, the threshold for changing TCP ought to be "do we absolutely need
it", not "absent big issues and seems reasonable".

Joe

v2.23.0 | Report a Bug | By Email