Re: [tcpm] WGLC: draft-ietf-tcpm-tcpsecure-10.txt

Fernando Gont <> Fri, 29 August 2008 19:48 UTC


At 08:55 p.m. 28/08/2008, Anantha Ramaiah (ananth) wrote:

>    It was mentioned earlier that a reference in the security
>consideration section to ICMP attacks draft is needed. This was done in
>the latest version (ver 10). I am not sure about the port randomization
>though, but I can add it if the WG feels so.

The whole debate of RST attacks had to do with Paul Watson coming to 
the conclusion that these attacks were much more feasible than 
previously assumed (e.g., by some presentation that had been made at NANOG).

Paul's presentation assumed a global and linear ephemeral-port 
selection function. IMO, the most obvious and trivial way to mitigate 
these blind attacks is to randomize the ephemeral port numbers.

And this is even more so when there's a BCP-candidate document that 
has been adopted by a related WG.

>    IMO, all the recent TCP connection robustness related drafts (port
>randomization, ICMP attacks etc.,) should have a reference to TCP secure
>since most of these drafts were inspired by TCP secure!

I don't quite understand this comment. My motivations for suggesting 
references to these documents are:

* It does not make sense to address the most difficult attack vector 
for reset attacks if you leave a much more trivial one open (that's 
the reason for the reference to the ICMP attacks draft).
* tcpsecure aims at mitigating blind in-window attacks. With an 
incremental ephemeral-port selection function, these attacks are not 
as "blind" as they "should" be. If you randomize ephemeral ports, 
then the attack will require many more packets. (This is the reason 
for the reference to the port randomization draft.)

That said, the ICMP attack draft does reference tcpsecure. However, 
it was inspired by the discussions we had while writing the "Security 
Considerations" section of the soft errors draft. The non-wg -00 
version of the port randomization I-D was written by M. Larsen... so 
I have no idea what inspired him to write that document. Maybe 
tcpsecure, maybe Paul Watson's presentation.... maybe he had already 
been working on that.


Kind regards,

Fernando Gont
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1