Re: [tcpm] comments on draft-ietf-tcpm-icmp-attacks-05

"Eddy, Wesley M. (GRC-MS00)[Verizon]" <> Thu, 11 June 2009 04:32 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id C18F03A6858 for <>; Wed, 10 Jun 2009 21:32:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.454
X-Spam-Status: No, score=-6.454 tagged_above=-999 required=5 tests=[AWL=0.145, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id jO3icUQnd5IM for <>; Wed, 10 Jun 2009 21:32:45 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 6EEA83A680A for <>; Wed, 10 Jun 2009 21:32:45 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id A3AD62D81E3; Wed, 10 Jun 2009 23:32:52 -0500 (CDT)
Received: from ( []) by (8.14.3/8.14.3) with ESMTP id n5B4Wq3c000638; Wed, 10 Jun 2009 23:32:52 -0500
Received: from ([]) by ([]) with mapi; Wed, 10 Jun 2009 23:32:52 -0500
From: "Eddy, Wesley M. (GRC-MS00)[Verizon]" <>
To: "Eddy, Wesley M. (GRC-MS00)[Verizon]" <>, "" <>
Date: Wed, 10 Jun 2009 23:32:57 -0500
Thread-Topic: comments on draft-ietf-tcpm-icmp-attacks-05
Thread-Index: AcnqTJ5N/OQHUFfvTA+OQMGvgkY7QgAAJlzg
Message-ID: <>
References: <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=1.12.7400:2.4.4, 1.2.40, 4.0.166 definitions=2009-06-10_14:2009-06-01, 2009-06-10, 2009-06-10 signatures=0
Cc: Fernando Gont <>, Fernando Gont <>
Subject: Re: [tcpm] comments on draft-ietf-tcpm-icmp-attacks-05
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 11 Jun 2009 04:32:46 -0000

As both co-chair and TCPM participant, I'm not really
comfortable with Appendix B of this document which
reads a lot like an advertisement.  Even though I
know it's well-intentioned, it seems like we'd set
a bad precedent if we got into the habit of putting
sponsor-plugs into the appendices of our documents.
I don't think we lose anything by leaving that
appendix out completely.

What does the WG think?

To speed analysis, the text in question is:

Appendix B. Advice and guidance to vendors

   Vendors are urged to contact CPNI ( if they
   think they may be affected by the issues described in this document.
   As the lead coordination center for these issues, CPNI is well placed
   to give advice and guidance as required.

   CPNI works extensively with government departments and agencies,
   commercial organizations and the academic community to research
   vulnerabilities and potential threats to IT systems especially where
   they may have an impact on Critical National Infrastructure's (CNI).

   Other ways to contact CPNI, plus CPNI's PGP public key, are available
   at .

Wes Eddy
Network & Systems Architect
Verizon FNS / NASA GRC
Office: (216) 433-6682