Re: [tcpm] New version of tcp-secure draft

"Agarwal, Anil" <Anil.Agarwal@viasat.com> Tue, 25 September 2007 14:25 UTC

Subject: Re: [tcpm] New version of tcp-secure draft
Date: Tue, 25 Sep 2007 10:26:12 -0400
Message-ID: <0B0A20D0B3ECD742AA2514C8DDA3B0658B756B@VGAEXCH01.hq.corp.viasat.com>
From: "Agarwal, Anil" <Anil.Agarwal@viasat.com>
To: <ananth@cisco.com>
Cc: tcpm@ietf.org

Ananth,
Here are some (late) comments on draft-ietf-tcpm-tcpsecure-08 -
1. Section 1.1 states - 
"Most modern operating systems have a default window size 
which usually is applied to most connections.  Some applications 
however may change the window size to better suit the needs
of the application". 

It would be useful to mention that some modern operating
systems (Linux) dynamically adapt the receive window size.
This somewhat reduces the vulnerability to these attacks.

2. In the first two mitigation techniques, if an attacker 
injects 3 quick successive RST or SYN packets, it may result
in the receiver generating 3 identical ACKs,
which in turn may cause the transmitter to perform
fast retransmission and reduce cwnd. 
This is not as bad as a connection reset, but nevertheless
it can be quite disruptive, especially for LFNs.
Do we need a mechanism to prevent this?
An ACK throttling value of 2 per second would be one way
to address this.
Anil

Anil Agarwal
ViaSat Inc.
20511 Seneca Meadows Parkway, Suite 200
Germantown, MD 20876
Anil.Agarwal@viasat.com
ViaSat Brings your Network to Life

_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www1.ietf.org/mailman/listinfo/tcpm
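The side effect raised in point 2 above, as an added simulation that is not part of the email or the draft: a simplified receiver answers in-window RSTs and SYNs with an ACK, a simplified sender treats three identical ACKs as a fast-retransmit trigger, and the 2-per-second ACK throttle from the email is applied with a fixed one-second counting window (the throttle's shape, the segment values and the cwnd figure are all constructed assumptions).

```python
from dataclasses import dataclass
from typing import Optional

DUP_ACK_THRESHOLD = 3   # classic fast-retransmit trigger at the sender

@dataclass
class Receiver:
    """Simplified receiver applying the draft's RST/SYN mitigations."""
    rcv_nxt: int
    rcv_wnd: int
    max_acks_per_sec: Optional[int] = None  # None = unthrottled
    _win_start: float = 0.0
    _acks_in_win: int = 0

    def _throttle_allows(self, now: float) -> bool:
        # Fixed one-second window; this shape is an assumption, not the draft's.
        if self.max_acks_per_sec is None:
            return True
        if now - self._win_start >= 1.0:
            self._win_start, self._acks_in_win = now, 0
        if self._acks_in_win < self.max_acks_per_sec:
            self._acks_in_win += 1
            return True
        return False

    def on_segment(self, flags: str, seq: int, now: float) -> str:
        """Return 'reset', 'ack' or 'drop' for an incoming RST or SYN."""
        in_window = self.rcv_nxt <= seq < self.rcv_nxt + self.rcv_wnd
        if flags == "RST":
            if seq == self.rcv_nxt:
                return "reset"          # exact sequence match is honoured
            if not in_window:
                return "drop"
        # In-window (inexact) RST or any SYN: answer with an ACK, if allowed
        return "ack" if self._throttle_allows(now) else "drop"

def sender_reaction(acks: int, cwnd: int) -> dict:
    """Model the sender: N identical ACKs count as N duplicate ACKs."""
    fast_rtx = acks >= DUP_ACK_THRESHOLD
    return {"dup_acks": acks, "fast_retransmit": fast_rtx,
            "cwnd": cwnd // 2 if fast_rtx else cwnd}

def run(max_acks_per_sec: Optional[int], cwnd: int = 64) -> dict:
    # Constructed burst: three in-window, inexact RSTs arriving 10 ms apart.
    rx = Receiver(rcv_nxt=1000, rcv_wnd=65535, max_acks_per_sec=max_acks_per_sec)
    burst = [(0.00, "RST", 1500), (0.01, "RST", 1500), (0.02, "RST", 1500)]
    acks = sum(rx.on_segment(f, s, t) == "ack" for t, f, s in burst)
    return sender_reaction(acks, cwnd)
```

Running `run(None)` shows the burst producing three ACKs and a halved cwnd; `run(2)` caps the burst at two ACKs, below the duplicate-ACK threshold.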