Re: [tcpm] Roman Danyliw's No Objection on draft-ietf-tcpm-rfc793bis-25: (with COMMENT)

Roman Danyliw <rdd@cert.org> Thu, 23 September 2021 14:36 UTC

From: Roman Danyliw <rdd@cert.org>
To: "touch@strayalpha.com" <touch@strayalpha.com>
CC: "draft-ietf-tcpm-rfc793bis@ietf.org" <draft-ietf-tcpm-rfc793bis@ietf.org>, "tcpm@ietf.org Extensions" <tcpm@ietf.org>, The IESG <iesg@ietf.org>, "tcpm-chairs@ietf.org" <tcpm-chairs@ietf.org>
Date: Thu, 23 Sep 2021 14:36:17 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/WiJ3HHt0TVCmm_p1RCa1a_SXKWY>
Subject: Re: [tcpm] Roman Danyliw's No Objection on draft-ietf-tcpm-rfc793bis-25: (with COMMENT)
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>

Hi Joe!

From: iesg <iesg-bounces@ietf.org> On Behalf Of touch@strayalpha.com
Sent: Thursday, September 23, 2021 1:19 AM
To: Roman Danyliw <rdd@cert.org>
Cc: draft-ietf-tcpm-rfc793bis@ietf.org; tcpm@ietf.org Extensions <tcpm@ietf.org>; The IESG <iesg@ietf.org>; tcpm-chairs@ietf.org
Subject: Re: [tcpm] Roman Danyliw's No Objection on draft-ietf-tcpm-rfc793bis-25: (with COMMENT)

Note below...
--
Joe Touch, temporal epistemologist
www.strayalpha.com


On Sep 22, 2021, at 8:59 PM, Roman Danyliw via Datatracker <noreply@ietf.org> wrote:

Roman Danyliw has entered the following ballot position for
draft-ietf-tcpm-rfc793bis-25: No Objection
...


----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------
...
** Section 7.
  In order to fully protect TCP connections (including their control
  flags) IPsec or the TCP Authentication Option (TCP-AO) [36] are the
  only current effective methods. Other methods discussed in this
  section may protect the payload

The text should be more precise on what “protect” means.  IPsec and TCP-AO
provide different security services.  IPsec will provide confidentiality and
integrity, but TCP-AO only provides the latter.

It doesn’t have to; see https://datatracker.ietf.org/doc/html/draft-touch-tcp-ao-encrypt

[Roman] Interesting. Thanks for the pointer.

[Roman] I still recommend being clearer on what “protect” means by explicitly enumerating the security services provided.

Roman