IETF Logo Mail Archive

Re: [tcpm] comments on draft-gont-tcpm-icmp-attacks-05

Joe Touch <touch@ISI.EDU> Sun, 06 November 2005 21:52 UTC

Received: from localhost.cnri.reston.va.us ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EYsQy-0007aT-N4; Sun, 06 Nov 2005 16:52:16 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EYsQx-0007aK-Av for tcpm@megatron.ietf.org; Sun, 06 Nov 2005 16:52:15 -0500
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA22255 for <tcpm@ietf.org>; Sun, 6 Nov 2005 16:51:50 -0500 (EST)
Received: from boreas.isi.edu ([128.9.160.161]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1EYsgR-0005xR-6p for tcpm@ietf.org; Sun, 06 Nov 2005 17:08:15 -0500
Received: from [70.209.177.148] (148.sub-70-209-177.myvzw.com [70.209.177.148]) by boreas.isi.edu (8.11.6p2+0917/8.11.2) with ESMTP id jA6LoxM06713; Sun, 6 Nov 2005 13:50:59 -0800 (PST)
Message-ID: <436E7ABE.1000004@isi.edu>
Date: Sun, 06 Nov 2005 13:50:54 -0800
From: Joe Touch <touch@ISI.EDU>
User-Agent: Thunderbird 1.4.1 (Windows/20051006)
MIME-Version: 1.0
To: Pekka Savola <pekkas@netcore.fi>
Subject: Re: [tcpm] comments on draft-gont-tcpm-icmp-attacks-05
References: <Pine.LNX.4.64.0511060458230.18026@netcore.fi>
In-Reply-To: <Pine.LNX.4.64.0511060458230.18026@netcore.fi>
X-Enigmail-Version: 0.93.0.0
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: touch@isi.edu
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 082a9cbf4d599f360ac7f815372a6a15
Cc: tcpm@ietf.org
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============0667311284=="
Sender: tcpm-bounces@ietf.org
Errors-To: tcpm-bounces@ietf.org


Pekka Savola wrote:
> It may be needless to say this, but in any case..
> 
> I re-read draft-gont-tcpm-icmp-attacks-05 on the plane.  The last rev I had
> read properly was probably -02 or -03.  I was very pleased with this
> version; I was much more skeptic of certain parts of the doc (e.g., PMTUD
> attacks) before, but I think the document is well written and convincing
> now.
> 
> I'd recommend adopting this as a WG item (provided that Fernando would then
> lift the "no derivative works" clause, because otherwise the doc can't be
> used in the IETF process). 

IMO, the document - at least - needs to have the title changed and tone
of the argument changed as well. These are not - and cannot be put forth
as - security issues.

We can talk about them being useful in how they mitigate the effect of
stale packets, and then - as a corellary - how some attacks emulate
stale packets. The same is true for other aspects that tone down
response to what could be fluctuating conditions.

However, focusing on this as an attack issue is inappropriate; the
remaining (in-window, or on-path) attacks are still too easy to consider
these attack mitigations as a focus.

(that said, I would agree that if the focus were changed, it would be a
useful WG doc)

I've made these points before; unfortunately, the current revision did
not address them.

Joe


_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www1.ietf.org/mailman/listinfo/tcpm

v2.23.0 | Report a Bug | By Email