Re: Summary of responses so far and proposal moving forward [Was Re: [tcpm] Is this a problem?]

[Mahesh Jethanandani <mahesh@cisco.com>]

I saw this e-mail just after I had hit the send button for my last e-mail.

Ted Faber wrote:
> I (personally) don't see the point of publishing an RFC that describes
> a technique that a conformant TCP cannot implement.
>   
I do not see any reason why the proposed solution cannot be implemented. 
Are you suggesting that because we cannot implement it is why it should 
not be implemented?
>
>   
> While one might dismiss a legitimate connection holding a zero window
> for a long time as a corner case (though doing so is projecting
> application semantics into the transport), the more telling criticism is
> the first case.
>
> An attacker who wanted to mount the DoS attack described in the draft
> could defeat your proposed mitigation by asking for the same large
> window and then draining it slowly rather than simply holding the zero
> window.  The draft mentions that the silly window avoidance makes this
> difficult, but it just requires the attacker to ACK an MSS worth of data
> less frequently then if they read a single byte
This is a *proposed* solution. This is not a solution that we want to 
standardize on. I am sure with bright minds on this list we can come up 
with better solutions to the problem and  I am fine with that.

To answer your question, yes, they could. That situation is no different 
from a connection that is slow but is making progress. In fact at that 
point it is not a persist connection. It is not advertising zero window. 
We are specifically concerned about connections that take advantage of 
RFC 1122 verbiage to keep the connection in persist state.


_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www1.ietf.org/mailman/listinfo/tcpm