Re: [tcpm] Some comments on tcpsecure

Ted Faber <faber@ISI.EDU> Tue, 08 April 2008 01:59 UTC

Date: Mon, 07 Apr 2008 18:58:30 -0700
From: Ted Faber <faber@ISI.EDU>
To: "Anantha Ramaiah (ananth)" <ananth@cisco.com>
Message-ID: <20080408015830.GA94097@zod.isi.edu>
References: <20080407212400.GB20562@zod.isi.edu> <0C53DCFB700D144284A584F54711EC5804FA160F@xmb-sjc-21c.amer.cisco.com>
In-Reply-To: <0C53DCFB700D144284A584F54711EC5804FA160F@xmb-sjc-21c.amer.cisco.com>
Cc: tcpm@ietf.org, Fernando Gont <fernando@gont.com.ar>, Joe Touch <touch@ISI.EDU>
Subject: Re: [tcpm] Some comments on tcpsecure

On Mon, Apr 07, 2008 at 06:45:53PM -0700, Anantha Ramaiah (ananth) wrote:
> Ted, 
> 
> > -----Original Message-----
> > From: tcpm-bounces@ietf.org [mailto:tcpm-bounces@ietf.org] On 
> > Behalf Of Ted Faber
> > Sent: Monday, April 07, 2008 2:24 PM
> > To: Joe Touch
> > Cc: tcpm@ietf.org; Fernando Gont
> > Subject: Re: [tcpm] Some comments on tcpsecure
> > 
> > On Mon, Apr 07, 2008 at 02:02:26PM -0700, Joe Touch wrote:
> > > Fair enough. It can warn - in the security considerations - 
> > that these 
> > > protections assume corresponding protections on ICMPs, 
> > however. I.e., 
> > > it  would be incorrect to recommend, but it can warn that "without 
> > > corresponding ICMPs, this document may not provide the 
> > desired protection"
> > 
> > I think the quoted text, including a citation to an 
> > appropriate document, would be an excellent addition to the 
> > security concerns section of this document.  That's speaking 
> > as an individual.
> 
> As has been pointed out above, it would be incorrect to make any
> recommendation about ICMP or any other form of attack vectors in the
> tcpsecure doc, since this document is not meant to be a repository of all
> currently known (and going to be discovered in the near future ;-)
> attacks on TCP. So, IMO the verbiage needs to be chosen carefully if the
> consensus is to provide a pointer to the ICMP doc in the security
> considerations section. I would like to simply put an informative note
> saying "spoofed ICMP packets may also result in TCP connection
> stability issues, and this is discussed in more depth in......." or
> something of that sort.

I'm not writing the document, but Joe's words [lightly edited] look good
to me:

"Unless implementors address spoofed ICMP messages[], the mitigations
specified in this document may not provide the desired protection."

Write what you want, but that seems to be exactly what needs to be said,
and cut and paste is easy.

I have no attachment to those particular words, but capture the thoughts
because I'd rather not have this discussion again.

-- 
Ted Faber
http://www.isi.edu/~faber           PGP: http://www.isi.edu/~faber/pubkeys.asc
Unexpected attachment on this mail? See http://www.isi.edu/~faber/FAQ.html#SIG
_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www.ietf.org/mailman/listinfo/tcpm