Re: [tcpm] Secdir last call review of draft-ietf-tcpm-rfc793bis-24

Kyle Rose <krose@krose.org> Sun, 05 September 2021 17:33 UTC

To: Gorry Fairhurst <gorry@erg.abdn.ac.uk>
Cc: Wesley Eddy <wes@mti-systems.com>, tcpm IETF list <tcpm@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/9jtR0LKV6IhUaNjetWAsRt7lu10>

On Sun, Sep 5, 2021 at 12:51 PM Gorry Fairhurst <gorry@erg.abdn.ac.uk>
wrote:

> To me, this has a much more complicated history, and I think TCP has been
> extended many times - albeit not successfully in the ways mentioned above,
> but in other ways. It seems like a discussion of whether ossification has
> been good or bad. I'm also really quite concerned to see words like "often"
> used without clarifying further - there are legitimate cases where
> filtering can be useful for managing the security of TCP connections: A
> firewall in one context might do many things, and that might actually be a
> good security model; in another context that might be different.
>
I'm not in favor of making a value judgment or discussing the wisdom of
approaches to addressing ossification in this document, but I do think,
given the rare opportunity of publishing a 793bis, that it's worth putting
the implications of TCP ossification in writing so we don't have to
relitigate these issues or explain in detail why such-and-such won't work
whenever they come up in future attempts to extend TCP. I guess I'm arguing
that we shouldn't need Joe Touch to explain multiple times to multiple
groups why a given proposal won't work when we can explain it once and
mic-drop a one-line reference to that.

> I'd also question the importance of
> https://datatracker.ietf.org/doc/html/draft-iab-use-it-or-lose-it, in
> relation to the core TCP spec, even though the message is clear for MPTCP.
>

This is why I put it in a parenthetical. It's not directly relevant to TCP,
but it does indicate to the interested reader an approach that newer
protocol designs have taken to avoid one of the causes of ossification. I
agree it's not essential.

Kyle