Re: [tcpm] [tcpinc] TCP Stealth - possible interest to the WG
Hagen Paul Pfeifer <hagen@jauu.net> Tue, 19 August 2014 19:00 UTC
Archived-At: http://mailarchive.ietf.org/arch/msg/tcpm/nVNCGMrnikFbAzxJWc5EHf3d7_k
Cc: "tcpinc@ietf.org" <tcpinc@ietf.org>, "tcpm (tcpm@ietf.org)" <tcpm@ietf.org>, Joe Touch <touch@isi.edu>, alfiej@fastmail.fm

On 19 August 2014 20:27, Christian Grothoff <christian@grothoff.org> wrote:

> You clearly also deliberately misunderstand the difference between
> design / specification / mechanism, and the reality of an implementation.

No, I don't. But you are right, we should talk about implementation issues.

> Prove is a strong word. Now, I would not mind if the standard included
> some strong wording on using a random TSval in combination with TCP
> Stealth by default. But, as was pointed out, due to some NATs messing
> with TSvals, we decided to keep it optional, as opposed to mandatory.
> But I think that is a point I would be open to discuss, as it is really
> a trade-off.

TSvals *are* optional, you propose TCP stealth should depend on an
"optional option"? I clearly see problems here because they can be
filtered, disabled or simply the limited option space is exhausted by
other options. What about PAWS? What about ISN duplicates and how are
these handled (and differentiated)?

Hagen