Re: [tcpm] draft-anumita-tcpm-stronger-checksum
Joe Touch <touch@isi.edu> Wed, 09 June 2010 19:28 UTC
Return-Path: <touch@isi.edu>
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3A3263A685F for <tcpm@core3.amsl.com>; Wed, 9 Jun 2010 12:28:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.166
X-Spam-Level:
X-Spam-Status: No, score=-2.166 tagged_above=-999 required=5 tests=[AWL=0.433, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MdNP5QVjVS9d for <tcpm@core3.amsl.com>; Wed, 9 Jun 2010 12:28:34 -0700 (PDT)
Received: from vapor.isi.edu (vapor.isi.edu [128.9.64.64]) by core3.amsl.com (Postfix) with ESMTP id 0BD973A67CF for <tcpm@ietf.org>; Wed, 9 Jun 2010 12:28:34 -0700 (PDT)
Received: from [75.214.122.201] (201.sub-75-214-122.myvzw.com [75.214.122.201]) (authenticated bits=0) by vapor.isi.edu (8.13.8/8.13.8) with ESMTP id o59JRO51025502 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Wed, 9 Jun 2010 12:27:35 -0700 (PDT)
Message-ID: <4C0FEB1C.8070006@isi.edu>
Date: Wed, 09 Jun 2010 12:27:24 -0700
From: Joe Touch <touch@isi.edu>
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
MIME-Version: 1.0
To: Lars Eggert <lars.eggert@nokia.com>
References: <20100609151532.8E75E28C0D0@core3.amsl.com><33D3BDE9-7E8D-4DF0-B8D5-BFFC66CF9C99@nokia.com> <20100609173556.GA5338@nuttenaction> <0C53DCFB700D144284A584F54711EC5809E5C397@xmb-sjc-21c.amer.cisco.com> <8B364027-73E4-4C85-B879-7609E28A8B19@nokia.com>
In-Reply-To: <8B364027-73E4-4C85-B879-7609E28A8B19@nokia.com>
X-Enigmail-Version: 0.96.0
Content-Type: multipart/signed; micalg="pgp-sha1"; protocol="application/pgp-signature"; boundary="------------enig3ADF236A4CAFDC04759A2F14"
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: touch@isi.edu
Cc: "tcpm@ietf.org" <tcpm@ietf.org>, "Anantha Ramaiah (ananth)" <ananth@cisco.com>
Subject: Re: [tcpm] draft-anumita-tcpm-stronger-checksum
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Jun 2010 19:28:40 -0000
Lars Eggert wrote: > Hi, > > On 2010-6-9, at 21:07, Anantha Ramaiah (ananth) wrote: >> FWIW, there is a recent proposal which talks about enhancing TCP >> checksums as well :- >> >> http://datatracker.ietf.org/doc/draft-anumita-tcpm-stronger-checksum/ >> >> The above proposal tries to leverage on the TCP alternate checksum >> option. > > I've skimmed through this draft when it first came out. I may be missing > something, but why isn't TLS the right solution here? Sure, it may be overkill, > but it's readily available. Hi, Lars, I don't know if they say it in detail, but: TLS doesn't protect TCP against errors which result in bad segments not being retransmitted at the TCP layer; TLS secures, but does not retransmit lost info (it's not a 'reliability' layer). Further, TLS would interpret a bad MAC as an attack and would drop the connection, AFAICT (RFC 5246, see "bad_record_mac"). With large frames, TCP's checksum would allow false positives (bad segments would get sent to TLS), and TLS would fail. Joe
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Hagen Paul Pfeifer
- [tcpm] draft-eggert-tcpm-historicize-00 Lars Eggert
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Ron Bonica
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Hagen Paul Pfeifer
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Anantha Ramaiah (ananth)
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Joe Touch
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Lars Eggert
- [tcpm] draft-anumita-tcpm-stronger-checksum (was:… Lars Eggert
- Re: [tcpm] draft-eggert-tcpm-historicize-00 L.Wood
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Duke, Martin
- Re: [tcpm] draft-anumita-tcpm-stronger-checksum Joe Touch
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Hagen Paul Pfeifer
- Re: [tcpm] draft-eggert-tcpm-historicize-00 L.Wood
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Hagen Paul Pfeifer
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Alejandro Acosta
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Anantha Ramaiah (ananth)
- Re: [tcpm] draft-anumita-tcpm-stronger-checksum Scheffenegger, Richard
- Re: [tcpm] draft-anumita-tcpm-stronger-checksum Joe Touch
- Re: [tcpm] draft-anumita-tcpm-stronger-checksum L.Wood
- Re: [tcpm] draft-eggert-tcpm-historicize-00 L.Wood
- Re: [tcpm] draft-anumita-tcpm-stronger-checksum Scheffenegger, Richard
- Re: [tcpm] draft-anumita-tcpm-stronger-checksum Scheffenegger, Richard
- Re: [tcpm] draft-anumita-tcpm-stronger-checksum Joe Touch
- Re: [tcpm] draft-anumita-tcpm-stronger-checksum Biswas, Anumita
- Re: [tcpm] draft-anumita-tcpm-stronger-checksum Biswas, Anumita
- Re: [tcpm] draft-anumita-tcpm-stronger-checksum Joe Touch
- Re: [tcpm] draft-anumita-tcpm-stronger-checksum Joe Touch
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Lars Eggert
- Re: [tcpm] draft-eggert-tcpm-historicize-00 David Ros
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Lars Eggert
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Alexander Zimmermann
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Yuchung Cheng
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Eddy, Wesley M. (GRC-MS00)[ASRC AEROSPACE CORP]
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Anantha Ramaiah (ananth)
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Joe Touch
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Scheffenegger, Richard
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Scheffenegger, Richard
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Joe Touch
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Fernando Gont
- Re: [tcpm] draft-eggert-tcpm-historicize-00 L.Wood
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Joe Touch
- Re: [tcpm] draft-eggert-tcpm-historicize-00 L.Wood
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Joe Touch
- Re: [tcpm] draft-eggert-tcpm-historicize-00 L.Wood
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Joe Touch
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Joe Touch
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Biswas, Anumita
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Joe Touch
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Biswas, Anumita
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Joe Touch
- Re: [tcpm] draft-eggert-tcpm-historicize-00 L.Wood
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Joe Touch
- Re: [tcpm] draft-eggert-tcpm-historicize-00 rick jones
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Joe Touch
- Re: [tcpm] draft-eggert-tcpm-historicize-00 rick jones
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Joe Touch
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Lars Eggert
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Scheffenegger, Richard
- Re: [tcpm] draft-eggert-tcpm-historicize-00 Joe Touch