IETF Logo Mail Archive

Re: [tcpm] AD Review: draft-ietf-tcpm-icmp-attacks-09

Fernando Gont <fernando@gont.com.ar> Mon, 01 February 2010 13:14 UTC

Return-Path: <fernando.gont.netbook.win@gmail.com>
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B72FB28C302 for <tcpm@core3.amsl.com>; Mon, 1 Feb 2010 05:14:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.522
X-Spam-Level:
X-Spam-Status: No, score=-2.522 tagged_above=-999 required=5 tests=[AWL=0.077, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s5tR60XQdLqj for <tcpm@core3.amsl.com>; Mon, 1 Feb 2010 05:14:14 -0800 (PST)
Received: from mail-yw0-f200.google.com (mail-yw0-f200.google.com [209.85.211.200]) by core3.amsl.com (Postfix) with ESMTP id E894028C2B0 for <tcpm@ietf.org>; Mon, 1 Feb 2010 05:12:54 -0800 (PST)
Received: by ywh38 with SMTP id 38so872351ywh.6 for <tcpm@ietf.org>; Mon, 01 Feb 2010 05:13:24 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:sender:message-id:date:from :user-agent:mime-version:to:cc:subject:references:in-reply-to :x-enigmail-version:openpgp:content-type:content-transfer-encoding; bh=/J3TXxSjySii45Boev5ZLO9iFyX6Sl1L7rW0F4eSj3I=; b=MdHwO8W96jJGVji3nwbsXL/TtOM0sC+yJ7P/N3S+2gtTIc8hhoYgblzC4F4UV8OguF ZIpsI9lr1ljO6DG6tMtpnkbV2CsvIa6QrEpzMFy4eaGhwcfD8g8XTB+tn0NYrtUBaFm8 2HkfeC8XyeGcwr0syvdCYXmVAJd2/5Ds9grMk=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:x-enigmail-version:openpgp:content-type :content-transfer-encoding; b=ugGiZAstAVZWDUjAV/Ky/7F6tSH929FdBLQ0MP7WoIJ/g21nwhkMQ3wI5qdIsL/Oyo aKVjuaz8vDBoR9q/b/0Xzn1cjGx0c4MtRJRrAsack8cwqrsQiLSYPZfao525KGRtfCsQ R72AMFo7G1HwSj2FZJLSVg4irDO94E+My51Kg=
Received: by 10.101.149.39 with SMTP id b39mr5178155ano.17.1265030003925; Mon, 01 Feb 2010 05:13:23 -0800 (PST)
Received: from ?192.168.0.100? (144-174-17-190.fibertel.com.ar [190.17.174.144]) by mx.google.com with ESMTPS id 4sm1746647ywi.54.2010.02.01.05.13.21 (version=TLSv1/SSLv3 cipher=RC4-MD5); Mon, 01 Feb 2010 05:13:22 -0800 (PST)
Sender: Fernando Gont <fernando.gont.netbook.win@gmail.com>
Message-ID: <4B66D363.5070205@gont.com.ar>
Date: Mon, 01 Feb 2010 10:13:07 -0300
From: Fernando Gont <fernando@gont.com.ar>
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
MIME-Version: 1.0
To: Lars Eggert <lars.eggert@nokia.com>
References: <20100120010001.6D3913A67FB@core3.amsl.com> <3183E44E-124A-4C80-A112-72FBC00FEAFF@nokia.com> <4B60A3EC.20308@gont.com.ar> <EC58033A-8C2D-4C0D-A63E-7B5808DEA5B4@nokia.com> <4B6204F7.1070908@gont.com.ar> <50DBEEEC-1EA0-4C8D-8B52-3063F13BAB7B@nokia.com> <729695D0-6DF5-4599-908C-9B375C30E9E8@nokia.com>
In-Reply-To: <729695D0-6DF5-4599-908C-9B375C30E9E8@nokia.com>
X-Enigmail-Version: 0.96.0
OpenPGP: id=D076FFF1
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: "tcpm@ietf.org WG" <tcpm@ietf.org>
Subject: Re: [tcpm] AD Review: draft-ietf-tcpm-icmp-attacks-09
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Feb 2010 13:14:15 -0000

Hello, Lars,

>>>> If yes, then with delayed ACKs (or otherwise in corner cases) 
>>>> acked_packet_size is actually larger than maxsizesent always.
>>> Well, that depends on the amount of data you send. But yes, you
>>> could say that "acked_packet_size is actually larger than
>>> maxsizesent *usually*".
>>> 
>>>> On second reading, I don't think that's a problem for the
>>>> technique, but the name and description of the variable
>>>> confused me earlier.
>>> Should I add a clarification?
>> I think this would make sense. You might also want to change the
>> name of the variable.
> 
> this is the only issue I haven't seen addressed in -10.

Note that I did add a clarification and tweaked the relevant text (see
the diff). I didn't rename the variable, though, as I couldn't come up
with a better name (on first thought, at least), and because I thought
that the clarification I added would do. But please let me know if you
have any thoughts on how to improve this.


> I'll start the IETF Last Call based on -10 now; we can work out the
> few remaining issues (incl. this one) in parallel.

FWIW, in the next rev I would be replacing the current disclaimer with:

    We note that the counter-measures discussed in this document are not
    part of standard TCP behavior and this document does not change that
    state of affairs.  The consensus of the TCPM WG (TCP Maintenance and
    Minor Extensions Working Group) was to document this widespread
    implementation of TCP behavior and neither to change the TCP
    standard nor to make any new recommendations herein.

(This is Joe's proposed text, leaving out the "non-standard", as agreed
by others so far...)

Thanks!

Kind regards,
-- 
Fernando Gont
e-mail: fernando@gont.com.ar || fgont@acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1

v2.23.0 | Report a Bug | By Email