Re: [tcpm] review of rev 14 of RFC 793 bis part 2 of 2 - Technical Comments & Questions

Gorry Fairhurst <gorry@erg.abdn.ac.uk> Mon, 02 September 2019 07:09 UTC

Return-Path: <gorry@erg.abdn.ac.uk>
X-Original-To: tcpm@ietfa.amsl.com
Delivered-To: tcpm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B8ED2120091 for <tcpm@ietfa.amsl.com>; Mon, 2 Sep 2019 00:09:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3592L7gEuljl for <tcpm@ietfa.amsl.com>; Mon, 2 Sep 2019 00:09:10 -0700 (PDT)
Received: from pegasus.erg.abdn.ac.uk (pegasus.erg.abdn.ac.uk [IPv6:2001:630:42:150::2]) by ietfa.amsl.com (Postfix) with ESMTP id 2661812002E for <tcpm@ietf.org>; Mon, 2 Sep 2019 00:09:09 -0700 (PDT)
Received: from MacBook-Pro-5.local (fgrpf.plus.com [212.159.18.54]) by pegasus.erg.abdn.ac.uk (Postfix) with ESMTPSA id D04911B001FC; Mon, 2 Sep 2019 08:09:04 +0100 (BST)
Message-ID: <5D6CC00F.8010308@erg.abdn.ac.uk>
Date: Mon, 02 Sep 2019 08:09:03 +0100
From: Gorry Fairhurst <gorry@erg.abdn.ac.uk>
Reply-To: gorry@erg.abdn.ac.uk
Organization: University of Aberdeen
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:12.0) Gecko/20120428 Thunderbird/12.0.1
MIME-Version: 1.0
To: Joe Touch <touch@strayalpha.com>
CC: "tcpm@ietf.org" <tcpm@ietf.org>
References: <5D669BDA.3000506@erg.abdn.ac.uk> <5D66A044.3060904@erg.abdn.ac.uk> <3836C819-F176-42A1-B3B3-9C41C25AB3A9@strayalpha.com>
In-Reply-To: <3836C819-F176-42A1-B3B3-9C41C25AB3A9@strayalpha.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/S5Poc78l1DO0sG0-ReMuVA2coOg>
Subject: Re: [tcpm] review of rev 14 of RFC 793 bis part 2 of 2 - Technical Comments & Questions
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpm/>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Sep 2019 07:09:13 -0000

On 01/09/2019, 19:16, Joe Touch wrote:
> Some comments below...
>
>> On Aug 28, 2019, at 8:39 AM, Gorry Fairhurst<gorry@erg.abdn.ac.uk>  wrote:
>> ...
>> ---
>> Section 3 - OLD:
>>      Reserved for future use.  Must be zero in generated segments and
>>      must be ignored in received segments, if corresponding future
>>      features are unimplemented by the sending or receiving host.
>> - why is this not an RFC2119 requirement to set and check the reserve fields, this
>> would seem much more normal and the receiver behaviour at least is required?
>> ---
>> Section 3 - OLD:
>>      If a
>>      segment contains an odd number of header and text octets to be
>>      checksummed, the last octet is padded on the right with zeros to
>>      form a 16 bit word for checksum purposes.
>> - why is this not an RFC2119 requirement to insert the padding, this
>> seems required for correctness?
> Because padding is only one way to compute the checksum; another is to simply take the final byte and left-shift it. That can be computed without actually inserting a pad.
I agree, there are multiple ways to achieve this. So could we rewrite 
this so "is padded", is replaced by a sentence that includes "The 
checksum value needs to ensure the 16-bit alignment of the data being 
checksumed. If the segment contains an odd number of header and payload 
octets, this can be achieved by calculating a checksum that pads the 
last octet on the right with zeros to form a 16-bit word." ... or 
something similar but clear?

>> ---
>> OLD:
>>        This option code may be used between options, for example, to
>>         align the beginning of a subsequent option on a word boundary.
>> - this seems like a RFC2119 "MAY", since it specifies permission to include this.
> That code can appear anywhere anyway. It might be useful to reword as “One use this option code is to align subsequent options”
>   to a word boundary.”
That sounds clear to me.
>> ---
>> OLD:
>>         There is no guarantee that senders will use this option, so
>>         receivers must be prepared to process options even if they do
>>         not begin on a word boundary.
>> -  this seems like a RFC2119 "MUST", since it specifies requirement to process this.
> It would be better to just say up front that “options need not be aligned.” You don’t need to describe all the cases for which receivers MUST succeed. In general “Receivers MUST process any well-formed header”, but that’s already a given (if they didn’t, what’s the point of the whole spec?).
I'd think it better to be clear that the receiver needs to process 
well-formed options with any alignment.
>> ...
>> ---
>> OLD, Section: "   Initial Sequence Number Selection"
>> - This I think needs to refer to "Defending against Sequence Number Attacks" in RFC 6528, which formally updated RFC793. I question - if the RFC793 text is safe and correct.
> Yes, but as a SHOULD, not a MUST. It’s worth noting that if this is cited.
>
>> - In reviewing this, please also fix "cryptographic has of the concatenation"
>> ---
>> OLD, Section: "   The TCP Quiet Time Concept"
>> - Found this section quite amusing. Is this concept widely implemented in stacks?
> This section should be more normative than amusing. It basically helps protect against the same issues as TIME-WAIT when old connections are not known due to a crash.
New text may help.
>> ---
>> OLD:
>>    We assume that the TCP will signal a user,
>>    even if no RECEIVEs are outstanding, that the other side has closed,
>>    so the user can terminate his side gracefully.
> AFAICT, “TCP MUST” make this signal available to the user (but it need not be initiated by TCP), but that’s already covered by the API, which already requires that the user be able to detect this or any other state of TCP anyway (STATUS).
Rewording "assume" would help.
> ---
Gorry