Re: [tcpm] tcp-security: Request for feedback on the outline of the document

Fernando Gont <fernando@gont.com.ar> Tue, 25 August 2009 20:31 UTC

Return-Path: <fernando@gont.com.ar>
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D720428C20B for <tcpm@core3.amsl.com>; Tue, 25 Aug 2009 13:31:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.911
X-Spam-Level:
X-Spam-Status: No, score=-2.911 tagged_above=-999 required=5 tests=[AWL=0.688, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lFB4e8to+o+H for <tcpm@core3.amsl.com>; Tue, 25 Aug 2009 13:31:04 -0700 (PDT)
Received: from smtp1.xmundo.net (smtp1.xmundo.net [201.216.232.80]) by core3.amsl.com (Postfix) with ESMTP id E2B5B28C24E for <tcpm@ietf.org>; Tue, 25 Aug 2009 13:31:02 -0700 (PDT)
Received: from venus.xmundo.net (venus.xmundo.net [201.216.232.56]) by smtp1.xmundo.net (Postfix) with ESMTP id 86A406B6621; Tue, 25 Aug 2009 17:31:11 -0300 (ART)
Received: from [192.168.0.136] (129-130-17-190.fibertel.com.ar [190.17.130.129]) (authenticated bits=0) by venus.xmundo.net (8.14.1/8.14.1) with ESMTP id n7PKUvDK003625; Tue, 25 Aug 2009 17:30:58 -0300
Message-ID: <4A944A03.1090803@gont.com.ar>
Date: Tue, 25 Aug 2009 17:30:59 -0300
From: Fernando Gont <fernando@gont.com.ar>
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
MIME-Version: 1.0
To: Joe Touch <touch@ISI.EDU>
References: <4A8CBF98.1070809@gont.com.ar> <4A8D939E.9050008@isi.edu> <C304DB494AC0C04C87C6A6E2FF5603DB479B7E7359@NDJSSCC01.ndc.nasa.gov> <4A94307E.2080209@gont.com.ar> <4A943CEA.4000905@isi.edu>
In-Reply-To: <4A943CEA.4000905@isi.edu>
X-Enigmail-Version: 0.95.7
OpenPGP: id=D076FFF1
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Greylist: Sender succeeded SMTP AUTH authentication, not delayed by milter-greylist-3.0 (venus.xmundo.net [201.216.232.56]); Tue, 25 Aug 2009 17:31:10 -0300 (ART)
Cc: "tcpm@ietf.org" <tcpm@ietf.org>
Subject: Re: [tcpm] tcp-security: Request for feedback on the outline of the document
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Aug 2009 20:31:04 -0000

Joe Touch wrote:

>> e.g., think about the "Rose attack" described in the MSS section. The
>> attack employs the TCP MSS option (and thus would be included in
>> "control attacks" according to Joe's outline). However, the attack
>> attempts to degrade performance. So.. where would the attack be finally
>> included?
> 
>> Joe argues that "info leaking" and that port scanning is a "control
>> attack". But one might argue that port scanning is, in some sense, an
>> info leaking attack.
> 
> That's a property of any way of organizing the topics - there are bound
> to be overlapping cases. 

I don't think there's overlap in the current structure of the document.


> The issue to me is that the outline I proposed
> has easily recognized structure to it, and I at least know where various
> attacks should go (even if they go in one place and are cross-referenced
> and also discussed in others).

IMO, the issue here is not whether one knows where to put them, but
rather whether implementers would know where to find them.

IMHO, I'd live the main structure "as is", and would add an alternate
index (e.g., the one you proposed) in an appendix (as David suggested).

Thanks,
-- 
Fernando Gont
e-mail: fernando@gont.com.ar || fgont@acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1