Re: [tcpm] tcpsecure: how strong to recommend?

Ted Faber <faber@ISI.EDU> Fri, 05 October 2007 18:45 UTC

Date: Fri, 5 Oct 2007 11:44:36 -0700
From: Ted Faber <faber@ISI.EDU>
To: touch@ISI.EDU
Subject: Re: [tcpm] tcpsecure: how strong to recommend?
Cc: tcpm@ietf.org, "Anantha Ramaiah \(ananth\)" <ananth@cisco.com>, mallman@icir.org

On Fri, Oct 05, 2007 at 10:28:49AM -0700, touch@ISI.EDU wrote:
> Quoting touch@ISI.EDU:
> 
> ..
> > > I think we're arguing over what to name the process.  This would be fun
> > > to do in person, but I don't think it's advancing the discussion of the
> > > system, or in particular of the discussion about the guidance to
> > > implementers we're trying to decide on.
> > 
> > I agree with that, but we've tripped over some other name issues that are
> > fundamental here:
> 
> , notably whether this is an update to RFC793 (I think most of us
> agree that it is).

Yep.  It's not much of an exercise to point at the paragraphs that
change.

> 
> It's important for implementers to know why we're doing what we're doing, and
> this is purely motivated by security concerns, and provides no real protection
> from incorrect MSL estimation to TCP as a whole. That's why calling it
> authentication is important. Calling it a patch to update TCP's robustness is
> incorrect and misleads implementers into adopting this mechanism unnecessarily.

I do think it makes TCP slightly more robust, but the occurrences that
would trigger that robustness are pretty unusual.  The most common cause of
that uncommon set is malice.  Do you think that concentrating on the
likelihood of bad RSTs (and SYNs and data) showing up would steer us
back toward the recommendation level?

-- 
Ted Faber
http://www.isi.edu/~faber           PGP: http://www.isi.edu/~faber/pubkeys.asc
Unexpected attachment on this mail? See http://www.isi.edu/~faber/FAQ.html#SIG