Re: [tcpm] WGLC for draft-ietf-tcpm-tcp-antispoof-05.txt (Ends 2 Feb 2007)
Joe Touch <touch@ISI.EDU> Sat, 03 February 2007 06:53 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HDEly-0003CC-Qg; Sat, 03 Feb 2007 01:53:18 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HDElx-0003B0-VT for tcpm@ietf.org; Sat, 03 Feb 2007 01:53:17 -0500
Received: from vapor.isi.edu ([128.9.64.64]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HDElw-0007hj-JD for tcpm@ietf.org; Sat, 03 Feb 2007 01:53:17 -0500
Received: from [127.0.0.1] ([128.9.176.73]) by vapor.isi.edu (8.13.8/8.13.8) with ESMTP id l136qwVG015124; Fri, 2 Feb 2007 22:52:59 -0800 (PST)
Message-ID: <45C43145.2050401@isi.edu>
Date: Fri, 02 Feb 2007 22:52:53 -0800
From: Joe Touch <touch@ISI.EDU>
User-Agent: Thunderbird 2.0b2 (Windows/20070116)
MIME-Version: 1.0
To: Pekka Savola <pekkas@netcore.fi>
Subject: Re: [tcpm] WGLC for draft-ietf-tcpm-tcp-antispoof-05.txt (Ends 2 Feb 2007)
References: <20070118012440.GC1540@hut.isi.edu> <20070126174742.GF44355@hut.isi.edu> <20070202185415.GC35900@hut.isi.edu> <Pine.LNX.4.64.0702022117390.18960@netcore.fi> <45C42E9F.3000107@isi.edu> <Pine.LNX.4.64.0702030848100.31792@netcore.fi>
In-Reply-To: <Pine.LNX.4.64.0702030848100.31792@netcore.fi>
X-Enigmail-Version: 0.94.1.2.0
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: touch@isi.edu
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 41c17b4b16d1eedaa8395c26e9a251c4
Cc: tcpm@ietf.org, Ted Faber <faber@ISI.EDU>
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1562792022=="
Errors-To: tcpm-bounces@ietf.org
OK - I think we have converged on this, right? Pekka Savola wrote: > On Fri, 2 Feb 2007, Joe Touch wrote: >>> As a result, address filtering is not a local solution that can be >>> deployed to protect communicating pairs, but rather relies on a >>> distributed infrastructure of trusted gateways filtering forged >>> traffic where it enters the network. It is not feasible for local, >>> incremental deployment, and relies heavily on distributed >>> cooperation. Although useful to reduce the load of spoofed traffic, >>> it is insufficient to protect particular connections from attack >>> [29]. > ... >>> But a smaller delta to the current text might also be OK even if it is >>> less explicit, for example: >>> >>> As a result, address filtering is not a local solution that can be >>> deployed to protect communicating pairs, but rather relies on a >>> distributed infrastructure of trusted gateways filtering forged >>> traffic where it enters the network. It is not feasible as a >>> general solution due to the lack universal deployment, but >>> may be applicable to connections among those inside the protected >>> border in some scenarios. Applying filtering also reduces >>> the load of spoofed traffic [29]. >> >> I agree with the second sentence, which might be useful to include. As >> to the last sentence, this document focuses on endpoint mechanisms for >> defense, and doesn't address upstream load reduction. > > I don't care about the last sentence, and it could be removed or > reworded. It was just an attempt to rephrase the last sentence in the > original (above) so that reference [29] is preserved. > -- ---------------------------------------- Joe Touch Sr. Network Engineer, USAF TSAT Space Segment
_______________________________________________ tcpm mailing list tcpm@ietf.org https://www1.ietf.org/mailman/listinfo/tcpm
- [tcpm] WGLC for draft-ietf-tcpm-tcp-antispoof-05.… Ted Faber
- Re: [tcpm] WGLC for draft-ietf-tcpm-tcp-antispoof… Wesley Eddy
- Re: [tcpm] WGLC for draft-ietf-tcpm-tcp-antispoof… Ted Faber
- [tcpm] AD review of draft-ietf-tcpm-tcp-antispoof… Lars Eggert
- Re: [tcpm] AD review of draft-ietf-tcpm-tcp-antis… Joe Touch
- Re: [tcpm] AD review of draft-ietf-tcpm-tcp-antis… Lars Eggert
- Re: [tcpm] WGLC for draft-ietf-tcpm-tcp-antispoof… Ted Faber
- Re: [tcpm] WGLC for draft-ietf-tcpm-tcp-antispoof… Pekka Savola
- Re: [tcpm] WGLC for draft-ietf-tcpm-tcp-antispoof… Joe Touch
- Re: [tcpm] WGLC for draft-ietf-tcpm-tcp-antispoof… Pekka Savola
- Re: [tcpm] WGLC for draft-ietf-tcpm-tcp-antispoof… Joe Touch
- Re: [tcpm] WGLC for draft-ietf-tcpm-tcp-antispoof… Lars Eggert
- Re: [tcpm] WGLC for draft-ietf-tcpm-tcp-antispoof… Ted Faber
- Re: [tcpm] WGLC for draft-ietf-tcpm-tcp-antispoof… Joe Touch
- Re: [tcpm] WGLC for draft-ietf-tcpm-tcp-antispoof… Joe Touch
- Re: [tcpm] WGLC for draft-ietf-tcpm-tcp-antispoof… Mark Allman