Re: [tcpm] poll for adopting draft-gont-tcp-security

Matt Mathis <mathis@psc.edu> Thu, 25 June 2009 00:11 UTC

In-Reply-To: <C304DB494AC0C04C87C6A6E2FF5603DB2217B28763@NDJSSCC01.ndc.nasa.gov>
References: <C304DB494AC0C04C87C6A6E2FF5603DB2217B28763@NDJSSCC01.ndc.nasa.gov>
Date: Wed, 24 Jun 2009 20:11:27 -0400
Message-ID: <fc0ff13d0906241711k44de4f77u8ec825e1ea151a1e@mail.gmail.com>
From: Matt Mathis <mathis@psc.edu>
To: "Eddy, Wesley M. (GRC-MS00)[Verizon]" <wesley.m.eddy@nasa.gov>, tcpm Extensions WG <tcpm@ietf.org>
Subject: Re: [tcpm] poll for adopting draft-gont-tcp-security
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>

THIS DOCUMENT IS EXTREMELY DANGEROUS: It is based on the same mindset
that successfully killed ECN before ECN was even conceived.  The basic
point of view is that firewalls should discard all traffic bearing
features that are not explicitly permitted by today's standards.

I read all of 2 pages before I found something that, if significantly
deployed, would haunt some Internet users for a very very long time (p
43, SACK resource exhaustion).

I fear that we cannot afford to do anything except go over this
document with a fine-toothed comb and correct it.  Any other response
(such as trying to dismiss it) is likely to have the consequence that
it is adopted by some other standards organization, and that TCP will
become frozen forever at its current state of brokenness.

And then all of us who think TCP might still be improved may as well
just go home and retire, because nothing that we want to try will be
permitted by standard conforming firewalls.

No I really don't want to work on this document, but I am not ready to
retire yet, so I guess I will.

Think of it as a huge gray-matter tax imposed by one standards
organization on another.

Thanks,
--MM--
-------------------------------------------
Matt Mathis      http://www.psc.edu/~mathis
Work:412.268.3319   Home/Cell:412.654.7529
-------------------------------------------
Evil is defined by mortals who think they know
"The Truth" and use force to apply it to others.



On Wed, Jun 24, 2009 at 3:25 PM, Eddy, Wesley M.
(GRC-MS00)[Verizon]<wesley.m.eddy@nasa.gov> wrote:
> TCPMers, there was a thread a while ago about working on
> draft-gont-tcp-security in this working group that didn't
> conclusively give us a feeling one way or the other:
> http://www.ietf.org/mail-archive/web/tcpm/current/msg04489.html
>
> Basically, my understanding is that there are at least a
> handful of people in the WG that think it should be done
> here as a WG item (more likely for Informational rather
> than BCP), and there are also some expressed opinions on
> why it shouldn't.
>
> Given the raw size of the document, if the WG intends to
> take this document on, then we need some people to clearly
> commit to putting cycles into review and contributions to
> the document.  Since it is quite large, and to my knowledge,
> there hasn't been a specific technical review of the content
> on this list, but just discussions about if the idea in
> general is a good or bad thing, we still need to know if
> people are willing to invest their time and energy in this.
>
> Please let us know if there is traction for this in the
> near term, and/or we can also discuss it in Stockholm.
>
> ---------------------------
> Wes Eddy
> Network & Systems Architect
> Verizon FNS / NASA GRC
> Office: (216) 433-6682
> ---------------------------
>
> _______________________________________________
> tcpm mailing list
> tcpm@ietf.org
> https://www.ietf.org/mailman/listinfo/tcpm
>