Re: [tcpm] SYN/ACK Payloads, draft 01
Joe Touch <touch@ISI.EDU> Fri, 15 August 2008 16:35 UTC

Adam Langley wrote:
> On Fri, Aug 15, 2008 at 4:09 AM, Anders Waldenborg <anders@0x63.nu> wrote:
>> Doesn't SA payloads open up for DoS-amplification (attacker would send SYN
>> packets to your SMTP server with spoofed source address to send more data to
>> victim than would be possible by sending them directly to victim)?
>
> It's certainly a consideration, which is why the draft recommended
> that 64 bytes be the maximum payload size. At this size there are more
> juicy targets for amplification, like DNS servers.

FWIW, since this is payload data, the size of the data is an
implementation detail - unless, as I've noted, you're changing the
semantics of TCP from a byte stream to delineated messages.

(yes, you're already changing the semantics from one where connection
info is available only after TWHS to one that allows info to be used by
the app before the TWHS completes, which is a different issue)

Joe