Re: [tcpm] poll for adopting draft-gont-tcp-security
Matt Mathis <mathis@psc.edu> Thu, 25 June 2009 00:11 UTC
From: Matt Mathis <mathis@psc.edu>
To: "Eddy, Wesley M. (GRC-MS00)[Verizon]" <wesley.m.eddy@nasa.gov>, tcpm Extensions WG <tcpm@ietf.org>

THIS DOCUMENT IS EXTREMELY DANGEROUS: It is based in the same mindset that successfully killed ECN before ECN was even conceived. The basic point of view is that firewalls should discard all traffic bearing features that are not explicitly permitted by today's standards.

I read all of 2 pages before I found something that, if significantly deployed, would haunt some Internet users for a very very long time (p 43, SACK resource exhaustion).

I fear that we cannot afford to do anything except go over this document with a fine-toothed comb and correct it. Any other response (such as trying to dismiss it) is likely to have the consequence that it is adopted by some other standards organization, and that TCP will become frozen forever at its current state of brokenness. And then all of us who think TCP might still be improved may as well just go home and retire, because nothing that we want to try will be permitted by standard conforming firewalls.

No, I really don't want to work on this document, but I am not ready to retire yet, so I guess I will. Think of it as a huge gray-matter tax imposed by one standards organization on another.

Thanks,
--MM--
-------------------------------------------
Matt Mathis http://www.psc.edu/~mathis
Work:412.268.3319 Home/Cell:412.654.7529
-------------------------------------------
Evil is defined by mortals who think they know "The Truth" and use force to apply it to others.

On Wed, Jun 24, 2009 at 3:25 PM, Eddy, Wesley M. (GRC-MS00)[Verizon]<wesley.m.eddy@nasa.gov> wrote:
> TCPMers, there was a thread a while ago about working on
> draft-gont-tcp-security in this working group that didn't
> conclusively give us a feeling one way or other:
> http://www.ietf.org/mail-archive/web/tcpm/current/msg04489.html
>
> Basically, my understanding is that there are at least a
> handful of people in the WG that think it should be done
> here as a WG item (more likely for Informational rather
> than BCP), and there are also some expressed opinions on
> why it shouldn't.
>
> Given the raw size of the document, if the WG intends to
> take this document on, then we need some people to clearly
> commit to putting cycles into review and contributions to
> the document. Since it is quite large, and to my knowledge,
> there hasn't been a specific technical review of the content
> on this list, but just discussions about if the idea in
> general is a good or bad thing, we still need to know if
> people are willing to invest their time and energy in this.
>
> Please let us know if there is traction for this in the
> near term, and/or we can also discuss it in Stockholm.
>
> ---------------------------
> Wes Eddy
> Network & Systems Architect
> Verizon FNS / NASA GRC
> Office: (216) 433-6682
> ---------------------------
>
> _______________________________________________
> tcpm mailing list
> tcpm@ietf.org
> https://www.ietf.org/mailman/listinfo/tcpm
>