RE: [tcpm] RE: TCP secure

"Anantha Ramaiah (ananth)" <ananth@cisco.com> Fri, 11 January 2008 06:55 UTC

Return-path: <tcpm-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1JDDnA-0001e3-Ii; Fri, 11 Jan 2008 01:55:00 -0500
Received: from tcpm by megatron.ietf.org with local (Exim 4.43) id 1JDDn9-0001dy-5c for tcpm-confirm+ok@megatron.ietf.org; Fri, 11 Jan 2008 01:54:59 -0500
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1JDDn8-0001dp-P2 for tcpm@ietf.org; Fri, 11 Jan 2008 01:54:58 -0500
Received: from sj-iport-6.cisco.com ([171.71.176.117]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1JDDn8-0007Y5-DN for tcpm@ietf.org; Fri, 11 Jan 2008 01:54:58 -0500
X-IronPort-AV: E=Sophos;i="4.24,270,1196668800"; d="scan'208";a="34052033"
Received: from sj-dkim-3.cisco.com ([171.71.179.195]) by sj-iport-6.cisco.com with ESMTP; 10 Jan 2008 22:54:57 -0800
Received: from sj-core-2.cisco.com (sj-core-2.cisco.com [171.71.177.254]) by sj-dkim-3.cisco.com (8.12.11/8.12.11) with ESMTP id m0B6svN1006426; Thu, 10 Jan 2008 22:54:57 -0800
Received: from xbh-sjc-231.amer.cisco.com (xbh-sjc-231.cisco.com [128.107.191.100]) by sj-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id m0B6svcV029319; Fri, 11 Jan 2008 06:54:57 GMT
Received: from xmb-sjc-21c.amer.cisco.com ([171.70.151.176]) by xbh-sjc-231.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Thu, 10 Jan 2008 22:54:57 -0800
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: RE: [tcpm] RE: TCP secure
Date: Thu, 10 Jan 2008 22:54:51 -0800
Message-ID: <0C53DCFB700D144284A584F54711EC5804880620@xmb-sjc-21c.amer.cisco.com>
In-Reply-To: <4786E29B.7060608@isi.edu>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [tcpm] RE: TCP secure
Thread-Index: AchUAjcVrenfrRJ5SJ6oxu+uhF+GAQAGCqvQ
References: <200801110208.DAA11330@TR-Sys.de> <4786E29B.7060608@isi.edu>
From: "Anantha Ramaiah (ananth)" <ananth@cisco.com>
To: "Joe Touch" <touch@isi.edu>, "Alfred ?" <ah@tr-sys.de>
X-OriginalArrivalTime: 11 Jan 2008 06:54:57.0122 (UTC) FILETIME=[E06F9420:01C8541E]
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=1136; t=1200034497; x=1200898497; c=relaxed/simple; s=sjdkim3002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=ananth@cisco.com; z=From:=20=22Anantha=20Ramaiah=20(ananth)=22=20<ananth@cisco .com> |Subject:=20RE=3A=20[tcpm]=20RE=3A=20TCP=20secure |Sender:=20; bh=k2GwtJGABCK155FGql3T6Fg24g0gHOPjZyMAJr92zCg=; b=EmL4bLj1lWTxwxgA3zXtQ5X48BWVJnlv5tH6sHbu80YsgHKsChfYyvbyWK l8HoDqq+Rx1gJ65Fg8UuNmO9pizRYq9wiGIAkUUO4W/qBUKgT03GHEIokF7v m6lXgV+GPk;
Authentication-Results: sj-dkim-3; header.From=ananth@cisco.com; dkim=pass ( sig from cisco.com/sjdkim3002 verified; );
X-Spam-Score: 0.0 (/)
X-Scan-Signature: e5ba305d0e64821bf3d8bc5d3bb07228
Cc: tcpm@ietf.org, "Randall Stewart \(rrs\)" <rrs@cisco.com>, "Mitesh Dalal \(mdalal\)" <mdalal@cisco.com>
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Errors-To: tcpm-bounces@ietf.org

 

> -----Original Message-----
> From: Joe Touch [mailto:touch@isi.edu] 
> Sent: Thursday, January 10, 2008 7:30 PM
> To: Alfred ?
> Cc: Anantha Ramaiah (ananth); Randall Stewart (rrs); Mitesh 
> Dalal (mdalal); tcpm@ietf.org
> Subject: Re: [tcpm] RE: TCP secure
> 
> The references continue to be out of date.
> 
> 1. antispoof has been an RFC (4953) since July.

Point taken, this can be done during the next revision whenever that is.

> 
> 2. TCP-MD5 has a replacement (TCP-AO) that was discussed in 
> Nov in Vancouver; that I-D should be noted, esp. where 
> TCP-MD5 is discussed as an alternate solution.

TCP secure just mentions TCP MD5 as an example of an already deployed
existing security mechanism. There may be many ways available to protect
TCP connections and it is NOT the purpose or motivation of TCP secure to
list all of them. If the "antispoof" draft was still in the works I
would have suggested to list AO in it.

But if the workgroup strongly feels that TCP secure should make a note
of AO, I am willing to add it, but at the moment I stand unconvinced.

-Anantha


_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www1.ietf.org/mailman/listinfo/tcpm