[tcpm] Re: draft-ietf-tcpm-tcp-antispoof-01.txt

Joe Touch <touch@ISI.EDU> Sun, 09 October 2005 00:00 UTC

In advance of submitting an update, some notes below. All others have
been incorporated (to the best of my ability, at least):

Pekka Savola wrote:
...
> [on GTSM]
>     This restricts traffic
>    to one hop upstream of the receiver, but those hops could include
>    other user programs at those nodes or any traffic those nodes accept
>    via tunnels - because tunnels need not decrement TTLs [26].
> 
> ==> I assume _those nodes_ in "those nodes accept via tunnels" refers to
> your peers.  If so, this doesn't seem 100% correct, because IP tunneling
> solutions do decrement the hop limit when they forward traffic out from the
> tunnel.  (There is extensive discussion of this in the security
> considerations of the GTSM spec.)

The GTSM spec also notes cases where this fails, which are the ones I'm
referring to (end sec 5.1), and which I'll cite more directly.

> 8.1. Normative References
> 
>    As this is not a standards document, this section has no meaning.
> 
> ==> Normative means more than just what's MUST or MUST not for a
> standard document.  It also means 1) "documents which should be read and
> understood by the reader of this document in order to understand this
> document" and 2) "documents which should be published as stable references
> before this document gets published as RFC".
> 
> I think there are a number of references in category 1).  There are also a
> couple of others in category 2), e.g., tcpmd5app-01, ikev2/AH, dccp.

Although I personally agree with you (esp. w.r.t. #1) I've had this
debate before, and my understanding is that "normative" in the IETF
means "refers to a standard to enable a specification". Since this
isn't a spec (standards track), there can be no normative refs.

If that's not the case, however, somebody in authority holler. ;-)

My original wording was a bit sarcastic in response to that
understanding, so it has been downgraded to 'None.'

Joe