Re: [tcpm] WG Last Call for ICMP Attacks

Joe Touch <touch@ISI.EDU> Wed, 09 September 2009 15:01 UTC

Return-Path: <touch@ISI.EDU>
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E2D003A698E for <tcpm@core3.amsl.com>; Wed, 9 Sep 2009 08:01:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.508
X-Spam-Level:
X-Spam-Status: No, score=-2.508 tagged_above=-999 required=5 tests=[AWL=0.091, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wVZEJX8vVjRf for <tcpm@core3.amsl.com>; Wed, 9 Sep 2009 08:01:04 -0700 (PDT)
Received: from vapor.isi.edu (vapor.isi.edu [128.9.64.64]) by core3.amsl.com (Postfix) with ESMTP id 18D893A67D8 for <tcpm@ietf.org>; Wed, 9 Sep 2009 08:01:04 -0700 (PDT)
Received: from [192.168.1.47] (pool-71-106-88-10.lsanca.dsl-w.verizon.net [71.106.88.10]) (authenticated bits=0) by vapor.isi.edu (8.13.8/8.13.8) with ESMTP id n89F0xHu026490 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Wed, 9 Sep 2009 08:01:02 -0700 (PDT)
Message-ID: <4AA7C32B.3020606@isi.edu>
Date: Wed, 09 Sep 2009 08:00:59 -0700
From: Joe Touch <touch@ISI.EDU>
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
MIME-Version: 1.0
To: Carlos Pignataro <cpignata@cisco.com>
References: <F1534040-EA0D-44E4-98F7-67C24CD12CCF@windriver.com> <B01905DA0C7CDC478F42870679DF0F1005B64E383D@qtdenexmbm24.AD.QINTRA.COM> <4A9F4AB1.6070605@gont.com.ar> <4AA6E2CC.2000905@isi.edu> <4AA73910.7080002@gont.com.ar> <4AA74639.4000500@isi.edu> <4AA7B738.10400@cisco.com> <4AA7B930.10300@isi.edu> <4AA7BFE4.5050209@cisco.com>
In-Reply-To: <4AA7BFE4.5050209@cisco.com>
X-Enigmail-Version: 0.96.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: touch@isi.edu
Cc: "Smith, Donald" <Donald.Smith@qwest.com>, 'tcpm Extensions WG' <tcpm@ietf.org>, 'David Borman' <david.borman@windriver.com>, Fernando Gont <fernando@gont.com.ar>
Subject: Re: [tcpm] WG Last Call for ICMP Attacks
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Sep 2009 15:01:05 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Carlos Pignataro wrote:
...
> The document says the following; would s/discarded/discarded or delayed/
> cover it?
> 
>    It is important to note that ICMP error messages are unreliable, and
>    may be discarded due to data corruption, network congestion or rate-
>    limiting.  Thus, while they provide useful information, upper layer
>    protocols cannot depend on ICMP for correct operation.

That would help there, but it is also useful in other places to indicate
what happens when a legitimate ICMP is delayed, i.e., how that affects
what your algorithm would do.

It's OK to qualify it with "this is unlikely", but IMO it needs to be
discussed with more than a single word in a single paragraph.

Joe
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkqnwysACgkQE5f5cImnZrvcNACguSsF9p5U0pEOhvnWDsp4NOjL
XSAAmwSLA8HQjZz0ORO6z9WhL8y6wPAn
=PuSR
-----END PGP SIGNATURE-----