Re: [tcpm] tcpsecure: how strong to recommend?

Joe Touch <touch@ISI.EDU> Sat, 06 October 2007 01:16 UTC

Return-path: <tcpm-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IdyHF-00086p-5a; Fri, 05 Oct 2007 21:16:21 -0400
Received: from tcpm by megatron.ietf.org with local (Exim 4.43) id 1IdyHE-00086j-Ab for tcpm-confirm+ok@megatron.ietf.org; Fri, 05 Oct 2007 21:16:20 -0400
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IdyHD-00084X-Va for tcpm@ietf.org; Fri, 05 Oct 2007 21:16:20 -0400
Received: from vapor.isi.edu ([128.9.64.64]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1IdyHD-0003uL-IJ for tcpm@ietf.org; Fri, 05 Oct 2007 21:16:19 -0400
Received: from [128.9.176.73] (c3-vpn2.isi.edu [128.9.176.73] (may be forged)) by vapor.isi.edu (8.13.8/8.13.8) with ESMTP id l961Fv5n000447; Fri, 5 Oct 2007 18:15:57 -0700 (PDT)
Message-ID: <4706E1C3.8020106@isi.edu>
Date: Fri, 05 Oct 2007 18:15:47 -0700
From: Joe Touch <touch@ISI.EDU>
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Ted Faber <faber@ISI.EDU>
Subject: Re: [tcpm] tcpsecure: how strong to recommend?
References: <0C53DCFB700D144284A584F54711EC580409FD4F@xmb-sjc-21c.amer.cisco.com> <46FF3FFA.4080207@isi.edu> <20071003172326.GE45911@hut.isi.edu> <4703D165.30606@isi.edu> <20071003181553.GF45911@hut.isi.edu> <4703E173.4060007@isi.edu> <20071005165755.GA2845@hut.isi.edu> <1191604898.470672a2ea7cb@webmail.isi.edu> <1191605329.47067451d97bc@webmail.isi.edu> <20071005184436.GC2845@hut.isi.edu>
In-Reply-To: <20071005184436.GC2845@hut.isi.edu>
X-Enigmail-Version: 0.95.3
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: touch@isi.edu
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 69a74e02bbee44ab4f8eafdbcedd94a1
Cc: tcpm@ietf.org, "Anantha Ramaiah \(ananth\)" <ananth@cisco.com>, mallman@icir.org
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1774612023=="
Errors-To: tcpm-bounces@ietf.org


Ted Faber wrote:
...
> I do think it makes TCP slightly more robust, but the occurrances that
> would trigger that robustness are pretty unusual.  The most common cause of
> that uncommon set is malice.  Do you think that concentrating on the
> likelihood of bad RSTs (and SYNs and data) showing up would steer us
> back toward the recommendation level?

I don't think considering these RSTs/SYNs/data issues more than
malicious is appropriate, and I do think that has a lot to do with the
recommendation level.

Joe

_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www1.ietf.org/mailman/listinfo/tcpm