Re: [tcpm] TCPM and draft-ietf-tcpm-icmp-attacks

Fernando Gont <> Fri, 19 February 2010 01:17 UTC

To: Joe Touch <touch@ISI.EDU>

Joe Touch wrote:

>> This would seem to imply that the TCPM WG has decided to deviate from
>> the old IETF operating principle of "rough consensus and running code".
> The short answer is that there wasn't rough consensus for these changes
> in the WG, as explained in the note in the text.

I believe that the short answer is that *you* have done everything that
was available to stop this document (and others) from moving forward.
Requesting text to be added, then requesting the very same text to be
taken out of the I-D. And at some point, we ended up changing the track,
changing text, and changing whatever was out there just with the hope
that you'd be happy, we'd stop wasting energy, and the document would be
eventually published.

It is interesting to note that one of the issues with which you have
trashed this I-D is that it used vocabulary that could be taken as the
draft "recommending" the described counter-measures. Yet, as the editor
of the last version of the (close to infamous) TCP A-O effort, you have
crafted this text:

"  There are other mechanisms proposed to reduce the impact
   of ICMP attacks by further validating ICMP contents and changing the
   effect of some messages based on TCP state"

Note the use of the term "proposed". (That's specifically what I'm
referring to.)

I believe this is the height of irony.

Fernando Gont
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1