IETF Logo Mail Archive

[tcpm] [Errata Held for Document Update] RFC5961 (4772)

RFC Errata System <rfc-editor@rfc-editor.org> Mon, 12 September 2016 12:31 UTC

Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: tcpm@ietfa.amsl.com
Delivered-To: tcpm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1494012B0DB; Mon, 12 Sep 2016 05:31:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -104.13
X-Spam-Level:
X-Spam-Status: No, score=-104.13 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.508, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qjNFb2xfmU76; Mon, 12 Sep 2016 05:31:09 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1C94012B0A1; Mon, 12 Sep 2016 05:31:09 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id 0CA9FB80D4D; Mon, 12 Sep 2016 05:31:09 -0700 (PDT)
To: bortzmeyer+ietf@nic.fr, ananth@cisco.com, randall@lakerest.net, mdalal@cisco.com
X-PHP-Originating-Script: 30:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Message-Id: <20160912123109.0CA9FB80D4D@rfc-editor.org>
Date: Mon, 12 Sep 2016 05:31:09 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/jKEJFpflNbtX_fzMgiHtzIum_Wk>
Cc: tcpm@ietf.org, ietf@kuehlewind.net, iesg@ietf.org, rfc-editor@rfc-editor.org
Subject: [tcpm] [Errata Held for Document Update] RFC5961 (4772)
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpm/>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Sep 2016 12:31:10 -0000

The following errata report has been held for document update 
for RFC5961, "Improving TCP's Robustness to Blind In-Window Attacks". 

--------------------------------------
You may review the report below and at:
http://www.rfc-editor.org/errata_search.php?rfc=5961&eid=4772

--------------------------------------
Status: Held for Document Update
Type: Technical

Reported by: Stéphane Bortzmeyer <bortzmeyer+ietf@nic.fr>
Date Reported: 2016-08-10
Held by: Mirja Kühlewind (IESG)

Section: 7

Original Text
-------------
[The entire section]

Corrected Text
--------------
No suggested text because it requires a much more serious analysis. 
May be adding that the rate-limit counter SHOULD be per-connection, 
in the spirit of RFC 6528?

Notes
-----
It appears the section does not specify that the counter for ACK throttling SHOULD be per-connection. In Linux, it is apparently global, which allowed its use as a side channel enabling nasty attacks (CVE-2016-5696 and the paper "Off-Path TCP Exploits: Global Rate Limit Considered Dangerous" <http://www.cs.ucr.edu/~zhiyunq/pub/sec16_TCP_pure_offpath.pdf>).
Also see discussion on tcpm list about this reported errata!

--------------------------------------
RFC5961 (draft-ietf-tcpm-tcpsecure-13)
--------------------------------------
Title               : Improving TCP's Robustness to Blind In-Window Attacks
Publication Date    : August 2010
Author(s)           : A. Ramaiah, R. Stewart, M. Dalal
Category            : PROPOSED STANDARD
Source              : TCP Maintenance and Minor Extensions
Area                : Transport
Stream              : IETF
Verifying Party     : IESG

v2.23.0 | Report a Bug | By Email