Re: [tcpm] TCP-AO review comments.
Ron Bonica <rbonica@juniper.net> Fri, 08 August 2008 17:39 UTC
Return-Path: <tcpm-bounces@ietf.org>
X-Original-To: tcpm-archive@megatron.ietf.org
Delivered-To: ietfarch-tcpm-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F0DF23A6CF7; Fri, 8 Aug 2008 10:39:19 -0700 (PDT)
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CA13E3A6CF7 for <tcpm@core3.amsl.com>; Fri, 8 Aug 2008 10:39:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hGqIwuNfafqq for <tcpm@core3.amsl.com>; Fri, 8 Aug 2008 10:39:18 -0700 (PDT)
Received: from exprod7og113.obsmtp.com (exprod7og113.obsmtp.com [64.18.2.179]) by core3.amsl.com (Postfix) with ESMTP id 8BD673A6CA2 for <tcpm@ietf.org>; Fri, 8 Aug 2008 10:38:24 -0700 (PDT)
Received: from source ([66.129.228.6]) by exprod7ob113.postini.com ([64.18.6.12]) with SMTP; Fri, 08 Aug 2008 10:38:22 PDT
Received: from pi-smtp.jnpr.net ([10.10.2.36]) by p-emsmtp03.jnpr.net with Microsoft SMTPSVC(6.0.3790.3959); Fri, 8 Aug 2008 10:37:37 -0700
Received: from proton.jnpr.net ([10.10.2.37]) by pi-smtp.jnpr.net with Microsoft SMTPSVC(5.0.2195.6713); Fri, 8 Aug 2008 13:37:36 -0400
Received: from [172.28.13.57] ([172.28.13.57] RDNS failed) by proton.jnpr.net with Microsoft SMTPSVC(6.0.3790.1830); Fri, 8 Aug 2008 13:37:36 -0400
Message-ID: <489C845D.90500@juniper.net>
Date: Fri, 08 Aug 2008 13:37:33 -0400
From: Ron Bonica <rbonica@juniper.net>
User-Agent: Thunderbird 2.0.0.16 (Windows/20080708)
MIME-Version: 1.0
To: Caitlin Bestler <cait@asomi.com>
References: <0C53DCFB700D144284A584F54711EC58058C2FD4@xmb-sjc-21c.amer.cisco.com> <48939933.3030601@isi.edu> <C4CB96A1-6990-48A2-AF3E-A429C0DBE312@nokia.com> <4899AE0C.6080206@asomi.com>
In-Reply-To: <4899AE0C.6080206@asomi.com>
X-Enigmail-Version: 0.95.6
X-OriginalArrivalTime: 08 Aug 2008 17:37:36.0536 (UTC) FILETIME=[7262B980:01C8F97D]
Cc: tcpm@ietf.org, "Anantha Ramaiah (ananth)" <ananth@cisco.com>, ext Joe Touch <touch@isi.edu>
Subject: Re: [tcpm] TCP-AO review comments.
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://www.ietf.org/mailman/private/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Sender: tcpm-bounces@ietf.org
Errors-To: tcpm-bounces@ietf.org
>
> Basically, this is an application layer problem being foisted upon
> the transport layer. It creates unneeded clutter at the transport
> layer that is not of general utility.
>
Caitlin,
I disagree. TCP-AO protects against some classes of attack against the
TCP control plane. These attacks cannot be addressed at the application
layer.
For example, there is nothing that can be done at the application layer
to protect against the insertion of an empty TCP segment with the reset
bit set. TCP-AO protects against this.
Ron
_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www.ietf.org/mailman/listinfo/tcpm
- [tcpm] TCP-AO review comments. Anantha Ramaiah (ananth)
- Re: [tcpm] TCP-AO review comments. Joe Touch
- Re: [tcpm] TCP-AO review comments. Joe Touch
- Re: [tcpm] TCP-AO review comments. Anantha Ramaiah (ananth)
- Re: [tcpm] TCP-AO review comments. Joe Touch
- Re: [tcpm] TCP-AO review comments. Eddy, Wesley M. (GRC-RCN0)[VZ]
- Re: [tcpm] TCP-AO review comments. Adam Langley
- Re: [tcpm] TCP-AO review comments. Chandrashekhar Appanna
- Re: [tcpm] TCP-AO review comments. Lars Eggert
- Re: [tcpm] TCP-AO review comments. Caitlin Bestler
- Re: [tcpm] TCP-AO review comments. Eric Rescorla
- Re: [tcpm] TCP-AO review comments. Joe Touch
- Re: [tcpm] TCP-AO review comments. Ron Bonica
- Re: [tcpm] TCP-AO review comments. Stefanos Harhalakis
- Re: [tcpm] TCP-AO review comments. Joe Touch
- Re: [tcpm] TCP-AO review comments. Joe Touch
- Re: [tcpm] TCP-AO review comments. Stefanos Harhalakis
- Re: [tcpm] TCP-AO review comments. Joe Touch
- Re: [tcpm] TCP-AO review comments. Stefanos Harhalakis