[tcpm] RE: TCP secure

"Anantha Ramaiah (ananth)" <ananth@cisco.com> Tue, 08 January 2008 16:37 UTC

Return-path: <tcpm-bounces@ietf.org>
Received: from [] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1JCHSJ-0000wL-LH; Tue, 08 Jan 2008 11:37:35 -0500
Received: from tcpm by megatron.ietf.org with local (Exim 4.43) id 1JCHSI-0000sr-C0 for tcpm-confirm+ok@megatron.ietf.org; Tue, 08 Jan 2008 11:37:34 -0500
Received: from [] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1JCHSI-0000sd-29 for tcpm@ietf.org; Tue, 08 Jan 2008 11:37:34 -0500
Received: from sj-iport-2-in.cisco.com ([] helo=sj-iport-2.cisco.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1JCHSH-0003gH-EH for tcpm@ietf.org; Tue, 08 Jan 2008 11:37:34 -0500
X-IronPort-AV: E=Sophos;i="4.24,258,1196668800"; d="scan'208";a="10520105"
Received: from sj-dkim-2.cisco.com ([]) by sj-iport-2.cisco.com with ESMTP; 08 Jan 2008 08:37:32 -0800
Received: from sj-core-5.cisco.com (sj-core-5.cisco.com []) by sj-dkim-2.cisco.com (8.12.11/8.12.11) with ESMTP id m08GbWh5014568; Tue, 8 Jan 2008 08:37:32 -0800
Received: from xbh-sjc-221.amer.cisco.com (xbh-sjc-221.cisco.com []) by sj-core-5.cisco.com (8.12.10/8.12.6) with ESMTP id m08GbRFU000267; Tue, 8 Jan 2008 16:37:27 GMT
Received: from xmb-sjc-21c.amer.cisco.com ([]) by xbh-sjc-221.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 8 Jan 2008 08:37:25 -0800
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Tue, 08 Jan 2008 08:37:20 -0800
Message-ID: <0C53DCFB700D144284A584F54711EC5804830AB1@xmb-sjc-21c.amer.cisco.com>
Thread-Topic: TCP secure
Thread-Index: AchOTGxU+YLeyjV5T12k8IIaALueMADx7/xA
From: "Anantha Ramaiah (ananth)" <ananth@cisco.com>
To: TCP Maintenance and Minor Extensions WG <tcpm@ietf.org>
X-OriginalArrivalTime: 08 Jan 2008 16:37:25.0681 (UTC) FILETIME=[C0293A10:01C85214]
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=3900; t=1199810252; x=1200674252; c=relaxed/simple; s=sjdkim2002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=ananth@cisco.com; z=From:=20=22Anantha=20Ramaiah=20(ananth)=22=20<ananth@cisco .com> |Subject:=20RE=3A=20TCP=20secure=20 |Sender:=20; bh=QujEnMlX/UT9knyFgqMlmW9QZeMIrVG3d2lOHy3zrgs=; b=eNWJLS/JaSL8mdf7qXBVwnl3TI7Oa9g0KQD6vyyLAaR138nJgmsfwFU3sU T2a6E2MV8mPgstml9ruy9Tb3edIkIAnwG8D01s/iasxujOhRsNhZvbxN1C9z c1x+FH6uaO;
Authentication-Results: sj-dkim-2; header.From=ananth@cisco.com; dkim=pass ( sig from cisco.com/sjdkim2002 verified; );
X-Spam-Score: -4.0 (----)
X-Scan-Signature: 057ebe9b96adec30a7efb2aeda4c26a4
Cc: Ted Faber <faber@isi.edu>, mallman@icir.org
Subject: [tcpm] RE: TCP secure
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Errors-To: tcpm-bounces@ietf.org

More latest developments on this. Since the draft was expiring on Jan
9th, I had to post a new version to renew the draft which should show up
in the usual places very soon. This version has :-

- The Applicability statement in place (section 1.1) 
- Alfred Hoenes had some editorial comments on the previous version,
incorporated them.

You can use the AS in the draft as a reference for discussions
pertaining to the same.


> -----Original Message-----
> From: Anantha Ramaiah (ananth) 
> Sent: Thursday, January 03, 2008 1:06 PM
> To: TCP Maintenance and Minor Extensions WG
> Cc: 'mallman@icir.org'; Ted Faber
> Subject: TCP secure 
> Greetings,
> The following note pertains to the TCP secure document and 
> the hope is to get this to WGLC once the pending issues are resolved.
> Summary
> =======
> After the presentation in the Chicago IETF and the follow up 
> discussions on the mailing list w.r.t the strength of the 
> mitigations, the outcome of which was to have an 
> applicability statement and then go about getting consensus 
> on the strength of each individual mitigation. To quote Mark Allman :
>   It seems to me that this discussion is really divergent 
> because there
>   is no applicability statement in the document, per Lars' comment.  I
>   wonder if you guys could go off and generate such a 
> statement and then
>   we could re-visit this question.  I think that would factor things
>   into a question of "where" this is applicable and then how 
> strongly we
>   want to advocate these mitigations within that context.  Is that
>   reasonable?
> There was a discussion in which some folks mentioned how the 
> AS should be structured. We have attempted to capture this 
> and what follows is the sample AS.
> ==============================================================
> ========================
> The mitigations presented in this document talks about some 
> known in-window attacks and the solutions to the same. The 
> mitigations suggested in this draft SHOULD (RECOMMENDED) be 
> implemented in devices where the TCP connections are most 
> vulnerable to the attacks described in this document.  Some 
> examples of such TCP connections are the ones that tend to be 
> long-lived where the connection end points can be determined, 
> in cases where no auxiliary anti-spoofing protection 
> mechanisms like TCP MD5 can be deployed. TCP secure MAY 
> (OPTIONAL) be implemented in other cases. 
> ==============================================================
> ==========================
> It would be nicer if folks can comment on the 
> A) AS and suggest any modifications.
> B) choose the strength of each mitigation WITH reasoning.
> My vote
> =======
> Since AS covers the main concern, my vote would go for all 
> MUST's or SHOULD's.
> Reason for picking MUST's or SHOULD's : 
> With AS in place, the document has given enough leeway for 
> implementers to pick and chose whether one wants to implement 
> TCP secure or not. These mitigations are important since it 
> increases TCP's robustness to various attacks described in 
> the document. Hence I would color them as MUST's or SHOULD's.
> Thanks,
> Anantha

tcpm mailing list