Re: [tcpm] WG Last Call for ICMP Attacks
Joe Touch <touch@ISI.EDU> Wed, 09 September 2009 15:21 UTC
Return-Path: <touch@ISI.EDU>
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8DA7228C2C9 for <tcpm@core3.amsl.com>; Wed, 9 Sep 2009 08:21:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.511
X-Spam-Level:
X-Spam-Status: No, score=-2.511 tagged_above=-999 required=5 tests=[AWL=0.088, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WTKuDgLHjFi3 for <tcpm@core3.amsl.com>; Wed, 9 Sep 2009 08:21:04 -0700 (PDT)
Received: from vapor.isi.edu (vapor.isi.edu [128.9.64.64]) by core3.amsl.com (Postfix) with ESMTP id 87DAF28C190 for <tcpm@ietf.org>; Wed, 9 Sep 2009 08:21:04 -0700 (PDT)
Received: from [192.168.1.47] (pool-71-106-88-10.lsanca.dsl-w.verizon.net [71.106.88.10]) (authenticated bits=0) by vapor.isi.edu (8.13.8/8.13.8) with ESMTP id n89FL1GV001297 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Wed, 9 Sep 2009 08:21:03 -0700 (PDT)
Message-ID: <4AA7C7DD.1000504@isi.edu>
Date: Wed, 09 Sep 2009 08:21:01 -0700
From: Joe Touch <touch@ISI.EDU>
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
MIME-Version: 1.0
To: Carlos Pignataro <cpignata@cisco.com>
References: <F1534040-EA0D-44E4-98F7-67C24CD12CCF@windriver.com> <B01905DA0C7CDC478F42870679DF0F1005B64E383D@qtdenexmbm24.AD.QINTRA.COM> <4A9F4AB1.6070605@gont.com.ar> <4AA6E2CC.2000905@isi.edu> <4AA73910.7080002@gont.com.ar> <4AA74639.4000500@isi.edu> <4AA7B738.10400@cisco.com> <4AA7B930.10300@isi.edu> <4AA7BFE4.5050209@cisco.com> <4AA7C32B.3020606@isi.edu> <4AA7C5CF.10400@cisco.com>
In-Reply-To: <4AA7C5CF.10400@cisco.com>
X-Enigmail-Version: 0.96.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: touch@isi.edu
Cc: "Smith, Donald" <Donald.Smith@qwest.com>, 'tcpm Extensions WG' <tcpm@ietf.org>, 'David Borman' <david.borman@windriver.com>, Fernando Gont <fernando@gont.com.ar>
Subject: Re: [tcpm] WG Last Call for ICMP Attacks
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Sep 2009 15:21:05 -0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Carlos Pignataro wrote: ... >> It's OK to qualify it with "this is unlikely", but IMO it needs to be >> discussed with more than a single word in a single paragraph. > > I think that "this is unlikely" or "this is highly unlikely" would still > be understating the probability (I am curious to see any experienced > example of ICMP being delayed minutes). Redundancy architectures of > routers typically cover the planned upgrade (or even unexpected reload) > scenarios you presented. > > Perhaps a separate sentence in that paragraph before the "Thus, " with > some variation of "rate-limiting can delay ICMPs, and some other highly > unlikely theoretical scenarios can compound the delay"? You can't rely on something that isn't required. The fact that current implementations, in current operation, don't do this isn't relevant. Consider the proposal to resend 'the last packets seen' after a link outage, to 'tickle' TCP into waking up. That proposal was considered inappropriate because the router would hold the packet too long to satisfy requirements. However, if someone were to propose to hold ICMPs and issue them later, that would be *compliant*. Protocols aren't just about what happens to work today; they're about what you can expect to work tomorrow too. Anything that examines the contents of an ICMP needs to appreciate that those contents do NOT have to obey timeliness requirements - notably of the protocol being conveyed as payload. You need to explain what happens when your assumptions are wrong not because they're often wrong today, but because you cannot know whether they'll be wrong tomorrow. Joe -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkqnx90ACgkQE5f5cImnZrvguwCgrm7/fLMiKak8gGb0QYQsROeK 5bcAn0fxfPIznaScGG9Tx0oq0OjCHk8x =xegI -----END PGP SIGNATURE-----
- [tcpm] WG Last Call for ICMP Attacks David Borman
- Re: [tcpm] WG Last Call for ICMP Attacks Smith, Donald
- Re: [tcpm] WG Last Call for ICMP Attacks Joe Touch
- Re: [tcpm] WG Last Call for ICMP Attacks Smith, Donald
- Re: [tcpm] WG Last Call for ICMP Attacks Joe Touch
- Re: [tcpm] WG Last Call for ICMP Attacks Fernando Gont
- Re: [tcpm] WG Last Call for ICMP Attacks toby.moncaster
- Re: [tcpm] WG Last Call for ICMP Attacks Fernando Gont
- Re: [tcpm] WG Last Call for ICMP Attacks Smith, Donald
- Re: [tcpm] WG Last Call for ICMP Attacks Fernando Gont
- Re: [tcpm] WG Last Call for ICMP Attacks Smith, Donald
- Re: [tcpm] WG Last Call for ICMP Attacks Joe Touch
- Re: [tcpm] WG Last Call for ICMP Attacks Fernando Gont
- Re: [tcpm] WG Last Call for ICMP Attacks Lars Eggert
- Re: [tcpm] WG Last Call for ICMP Attacks Joe Touch
- Re: [tcpm] WG Last Call for ICMP Attacks Carlos Pignataro
- Re: [tcpm] WG Last Call for ICMP Attacks Joe Touch
- Re: [tcpm] WG Last Call for ICMP Attacks Carlos Pignataro
- Re: [tcpm] WG Last Call for ICMP Attacks Joe Touch
- Re: [tcpm] WG Last Call for ICMP Attacks Carlos Pignataro
- Re: [tcpm] WG Last Call for ICMP Attacks Joe Touch
- Re: [tcpm] WG Last Call for ICMP Attacks Anantha Ramaiah (ananth)
- Re: [tcpm] WG Last Call for ICMP Attacks Joe Touch
- Re: [tcpm] WG Last Call for ICMP Attacks Fernando Gont