Re: [tcpm] feedcback on tcp-secure-05: suggested text

Pekka Savola <pekkas@netcore.fi> Tue, 18 July 2006 18:27 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1G2uHh-0001Bb-Sf; Tue, 18 Jul 2006 14:27:05 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1G2uHg-0001BW-Kt for tcpm@ietf.org; Tue, 18 Jul 2006 14:27:04 -0400
Received: from eunet-gw.ipv6.netcore.fi ([2001:670:86:3001::1] helo=netcore.fi) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1G2uHg-0003xP-5w for tcpm@ietf.org; Tue, 18 Jul 2006 14:27:04 -0400
Received: from localhost (pekkas@localhost) by netcore.fi (8.12.11.20060614/8.12.11) with ESMTP id k6IIR04l014991; Tue, 18 Jul 2006 21:27:00 +0300
Date: Tue, 18 Jul 2006 21:27:00 +0300
From: Pekka Savola <pekkas@netcore.fi>
To: Ted Faber <faber@ISI.EDU>
Subject: Re: [tcpm] feedcback on tcp-secure-05: suggested text
In-Reply-To: <20060718181852.GC50683@hut.isi.edu>
Message-ID: <Pine.LNX.4.64.0607182121150.14444@netcore.fi>
References: <44B682AB.9010702@isi.edu> <7.0.1.0.0.20060715162015.085dce90@gont.com.ar> <44BB1965.9070305@isi.edu> <20060717180238.GE38453@hut.isi.edu> <20060718181852.GC50683@hut.isi.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"; format="flowed"
X-Virus-Scanned: ClamAV 0.88.2/1600/Sat Jul 15 18:03:46 2006 on otso.netcore.fi
X-Virus-Status: Clean
X-Spam-Status: No, score=-2.4 required=5.0 tests=AWL,BAYES_00,NO_RELAYS autolearn=ham version=3.1.2
X-Spam-Checker-Version: SpamAssassin 3.1.2 (2006-05-25) on otso.netcore.fi
X-Spam-Score: -2.8 (--)
X-Scan-Signature: ffa9dfbbe7cc58b3fa6b8ae3e57b0aa3
Cc: tcpm@ietf.org
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Errors-To: tcpm-bounces@ietf.org

On Tue, 18 Jul 2006, Ted Faber wrote:
> I've attached some text that I'd like to propose for the Security
> Considerations section of this draft in an effort to make its scope
> clear and hopefully address some of Joe's concerns about ICMP.
>
> This is just me, a participant, making the suggestion.
>
> Text is attached.  Let me know what you think.

I'm having practical problems with the second paragraph (the rest 
looks OK).  It seems to imply that RFC 4301 adequately discusses the 
issues and is a useful starting point for developing a prevention 
policy _in practice_ (as very few sessions can use IPsec to prevent 
ICMP attacks).  My belief is that both of these implications are 
incorrect.

On the other hand, I'd replace the text with references to 
tcpm-antispoof and tcpm-icmp-attacks which both go to some length in 
discussing this issue.  The former could be cited in the first 
paragraph, the latter provided as a main discussion of ICMP attacks in 
the second paragraph.

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www1.ietf.org/mailman/listinfo/tcpm