Re: [tcpm] TCP-AO review comments.
Stefanos Harhalakis <v13@v13.gr> Sun, 10 August 2008 09:38 UTC
Return-Path: <tcpm-bounces@ietf.org>
X-Original-To: tcpm-archive@megatron.ietf.org
Delivered-To: ietfarch-tcpm-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A8F9C3A6982; Sun, 10 Aug 2008 02:38:04 -0700 (PDT)
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5DA6C3A68AF for <tcpm@core3.amsl.com>; Sun, 10 Aug 2008 02:38:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.001
X-Spam-Level:
X-Spam-Status: No, score=0.001 tagged_above=-999 required=5 tests=[BAYES_50=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PeLHznnSqHMw for <tcpm@core3.amsl.com>; Sun, 10 Aug 2008 02:38:02 -0700 (PDT)
Received: from mx-out.forthnet.gr (mx-out.forthnet.gr [193.92.150.104]) by core3.amsl.com (Postfix) with ESMTP id 3ED563A6982 for <tcpm@ietf.org>; Sun, 10 Aug 2008 02:38:01 -0700 (PDT)
Received: from mx-av-03.forthnet.gr (mx-av.forthnet.gr [193.92.150.27]) by mx-out-05.forthnet.gr (8.14.3/8.14.3) with ESMTP id m7A9bo8w011385; Sun, 10 Aug 2008 12:37:50 +0300
Received: from MX-IN-05.forthnet.gr (mx-in-05.forthnet.gr [193.92.150.32]) by mx-av-03.forthnet.gr (8.14.3/8.14.3) with ESMTP id m7A9bogQ030838; Sun, 10 Aug 2008 12:37:50 +0300
Received: from hell.hell.gr (adsl69-188.lsf.forthnet.gr [79.103.196.188]) by MX-IN-05.forthnet.gr (8.14.3/8.14.3) with ESMTP id m7A9blsD002269; Sun, 10 Aug 2008 12:37:48 +0300
Authentication-Results: MX-IN-05.forthnet.gr smtp.mail=v13@v13.gr; spf=neutral
Authentication-Results: MX-IN-05.forthnet.gr header.from=v13@v13.gr; sender-id=neutral
From: Stefanos Harhalakis <v13@v13.gr>
To: tcpm@ietf.org
Date: Sun, 10 Aug 2008 12:37:46 +0300
User-Agent: KMail/1.9.9
References: <0C53DCFB700D144284A584F54711EC58058C2FD4@xmb-sjc-21c.amer.cisco.com> <48939933.3030601@isi.edu> <C4CB96A1-6990-48A2-AF3E-A429C0DBE312@nokia.com>
In-Reply-To: <C4CB96A1-6990-48A2-AF3E-A429C0DBE312@nokia.com>
MIME-Version: 1.0
Content-Disposition: inline
Message-Id: <200808101237.46574.v13@v13.gr>
Cc: "Anantha Ramaiah (ananth)" <ananth@cisco.com>, ext Joe Touch <touch@isi.edu>
Subject: Re: [tcpm] TCP-AO review comments.
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://www.ietf.org/mailman/private/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="iso-8859-7"
Content-Transfer-Encoding: base64
Sender: tcpm-bounces@ietf.org
Errors-To: tcpm-bounces@ietf.org
On Wednesday 06 August 2008, Lars Eggert wrote: > So, my current thinking is that AO should maybe move TCP-MD5 to > "historic". That would indicate that new implementations shouldn't > implement TCP-MD5 and existing ones are encouraged to move away from > it. But this isn't a clear -cut case. Comments? IMHO, "shouldn't implement" in the above phrase should be changed to "shouldn't use". For backwards compatibility reasons implementations may (or should) (and most probably will) implement TCP-MD5 too. > and TCP-MD5. AO is a replacement for TCP-MD5, but it isn't a simple > revision or extension of TCP-MD5, it's a new mechanism to provide > similar functionality in a (slightly) different way. Following your thoughts: Since TCP-AO is mutually exclusive with TCP-MD5, one cannot view them as two distinct options. This means that TCP-AO is actually a replacement of TCP-MD5 and we can also describe it as a 'newer, backwards-incompatible version' of the existing authentication mechanism of TCP. Having this in mind, perhaps 'obsoletes' is correct. Also, is there any good in including a (1-byte - or smaller with some unused bits) version field in TCP-AO? This will help similar future extensions/replacements and will also allow for easier authentication option handshaking by falling back to the highest commonly supported method. _______________________________________________ tcpm mailing list tcpm@ietf.org https://www.ietf.org/mailman/listinfo/tcpm
- Re: [tcpm] TCP-AO review comments. Joe Touch
- [tcpm] TCP-AO review comments. Anantha Ramaiah (ananth)
- Re: [tcpm] TCP-AO review comments. Joe Touch
- Re: [tcpm] TCP-AO review comments. Anantha Ramaiah (ananth)
- Re: [tcpm] TCP-AO review comments. Joe Touch
- Re: [tcpm] TCP-AO review comments. Eddy, Wesley M. (GRC-RCN0)[VZ]
- Re: [tcpm] TCP-AO review comments. Adam Langley
- Re: [tcpm] TCP-AO review comments. Chandrashekhar Appanna
- Re: [tcpm] TCP-AO review comments. Lars Eggert
- Re: [tcpm] TCP-AO review comments. Caitlin Bestler
- Re: [tcpm] TCP-AO review comments. Eric Rescorla
- Re: [tcpm] TCP-AO review comments. Joe Touch
- Re: [tcpm] TCP-AO review comments. Ron Bonica
- Re: [tcpm] TCP-AO review comments. Stefanos Harhalakis
- Re: [tcpm] TCP-AO review comments. Joe Touch
- Re: [tcpm] TCP-AO review comments. Joe Touch
- Re: [tcpm] TCP-AO review comments. Stefanos Harhalakis
- Re: [tcpm] TCP-AO review comments. Joe Touch
- Re: [tcpm] TCP-AO review comments. Stefanos Harhalakis