Re: [tcpm] feedback on tcp-secure-05: suggested text

Fernando Gont <fernando@gont.com.ar> Tue, 18 July 2006 21:15 UTC

Date: Tue, 18 Jul 2006 17:57:30 -0300
To: Randall Stewart <rrs@cisco.com>, Ted Faber <faber@ISI.EDU>
Cc: tcpm@ietf.org

At 17:22 18/07/2006, Randall Stewart wrote:

>With the minor tweak of pointing directly to
>6.1.1 .. I think what you have proposed is
>the right set of wording.

That document discusses ICMP in the context of IPSec'ed connections. 
If the connection is already secured by IPSec, you wouldn't bother 
about "in window" attacks.



>Getting bogged down in an ICMP attack issues dissertation
>is silly and detracts from what we are trying to do...
>get tcp-secure finished...

Agreed. Given that the WG already has a document on this issue, it's 
probably better to provide a reference to that document, rather than 
trying to make recommendations from scratch.



>We can have a food-fight over the ICMP attacks document
>in the space of that document...

FWIW, I'd be interested in not having such a fight over any of the 
two documents. Both of them are WG documents, and I'm interested in 
having both of them finished. Both in the case of tcpsecure (at least 
wrt the SYN-based and RST-based attacks) and the ICMP attacks draft, 
the industry has already implemented the counter-measures.

Given that my opinion is already stated, I will focus on working on 
the drafts I still have to revise, and will refrain from adding 
anything else to this thread.

Kindest regards,

--
Fernando Gont
e-mail: fernando@gont.com.ar || fgont@acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1





