Re: [tcpm] tcp-security: More feedback requested for the document outline

Joe Touch <touch@ISI.EDU> Wed, 09 September 2009 06:18 UTC

Return-Path: <touch@ISI.EDU>
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 560003A6ACF for <tcpm@core3.amsl.com>; Tue, 8 Sep 2009 23:18:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.523
X-Spam-Level:
X-Spam-Status: No, score=-2.523 tagged_above=-999 required=5 tests=[AWL=0.076, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hPApODQAWx2z for <tcpm@core3.amsl.com>; Tue, 8 Sep 2009 23:18:03 -0700 (PDT)
Received: from nitro.isi.edu (nitro.isi.edu [128.9.208.207]) by core3.amsl.com (Postfix) with ESMTP id 73B6E3A6A59 for <tcpm@ietf.org>; Tue, 8 Sep 2009 23:18:03 -0700 (PDT)
Received: from [192.168.1.47] (pool-71-106-88-10.lsanca.dsl-w.verizon.net [71.106.88.10]) (authenticated bits=0) by nitro.isi.edu (8.13.8/8.13.8) with ESMTP id n896HrGF008411 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 8 Sep 2009 23:17:54 -0700 (PDT)
Message-ID: <4AA74891.4000407@isi.edu>
Date: Tue, 08 Sep 2009 23:17:53 -0700
From: Joe Touch <touch@ISI.EDU>
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
MIME-Version: 1.0
To: Fernando Gont <fernando@gont.com.ar>
References: <4AA74452.7060409@gont.com.ar>
In-Reply-To: <4AA74452.7060409@gont.com.ar>
X-Enigmail-Version: 0.96.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-MailScanner-ID: n896HrGF008411
X-ISI-4-69-MailScanner: Found to be clean
X-MailScanner-From: touch@isi.edu
Cc: "tcpm-chairs@tools.ietf.org" <tcpm-chairs@tools.ietf.org>, "tcpm@ietf.org" <tcpm@ietf.org>
Subject: Re: [tcpm] tcp-security: More feedback requested for the document outline
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Sep 2009 06:18:04 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Fernando Gont wrote:
> Folks,
> 
> The original deadline for commenting on the document outline is over.
> These are the comments so far:
> 
> * Joe: wants to change the outline from the current outline (which
> basically analyzes TCP on a "per-protocol-field",
> "per-protocol-mechanism" basis, etc.) to an outline that basically
> analyzes TCP on a "per-attack" basis (his proposal is available at:
> http://www.ietf.org/mail-archive/web/tcpm/current/msg04838.html)

The outline I proposed breaks things down into groups based on:
	
	control plane in-band
	control plane out-of-band
	data plane
	API

This is (loosely) based on how TCP is specified (order not withstanding).

Although I did suggest talking about attacks first, then talking about
mitigations (to separate the two, because a single attack can have
multiple mitigations, and a single mitigation can inhibit multiple
attacks), the overall structure is not per-attack as much as it based on
breaking the protocol down into its component parts.

- ---

It also distinguishes between protocol weaknesses (places where the
protocol creates a vulnerability, regardless of implementation - e.g.,
ICMP attacks), implementation choice issues (places where a choice left
to implementers can cause problems if poorly chosen - e.g., how some
SHOULDs turn into "don't do this in a secure implementation"), and
implementation vulnerabilities (implementation issues not related to
choices in the spec that create problems - e.g., searching the TIME-WAIT
list linearly).

Regardless of how we proceed, I believe that this latter issue should be
considered in the presentation of solutions.

> * Wesley: would like to change the outline as proposed by Joe, but could
> live without doing that.
> 
> * Alfred: wants to leave the outline as is
> 
> * Fernando: wants to leave the outline as is
> 
> * Toby: wants to change the outline as proposed by Joe
> 
> I don't personally see clear consensus for changing the outline (even
> less if we consider that many more people had agreed to accept the
> document "as is").
> 
> However, as there have not been that many opinions about the outline, I
> think it would be a good idea if wg participants that have not yet
> voiced their opinion regarding the document outline have another chance
> to do it.
> 
> So let's set a new deadline for this second round off-comments: if you
> have any comments regarding the document outline, please voice your
> opinion till September 16th (Wednesday), 2009.
> 
> Thanks!
> 
> Kind regards,
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkqnSJEACgkQE5f5cImnZrvSDACg07iCr3uC1ORZ8rvT3PWYrbmq
yDYAoKzt6bDekRm6c5HLvgmDVenPW2m1
=Qg/w
-----END PGP SIGNATURE-----