Re: [tcpm] Review of draft-ietf-tcpm-tcp-auth-opt-01

Joe Touch <touch@ISI.EDU> Tue, 29 July 2008 22:29 UTC

Return-Path: <>
Received: from [] (localhost []) by (Postfix) with ESMTP id 972493A6B4A; Tue, 29 Jul 2008 15:29:48 -0700 (PDT)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 298363A6AF8 for <>; Tue, 29 Jul 2008 15:29:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.483
X-Spam-Status: No, score=-2.483 tagged_above=-999 required=5 tests=[AWL=0.116, BAYES_00=-2.599]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id BOAIpIdtRcF8 for <>; Tue, 29 Jul 2008 15:29:46 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 225353A6ABB for <>; Tue, 29 Jul 2008 15:29:46 -0700 (PDT)
Received: from [] ([]) by (8.13.8/8.13.8) with ESMTP id m6TMTWR0006007 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 29 Jul 2008 15:29:35 -0700 (PDT)
Message-ID: <>
Date: Tue, 29 Jul 2008 15:28:59 -0700
From: Joe Touch <touch@ISI.EDU>
User-Agent: Thunderbird (Windows/20080708)
MIME-Version: 1.0
To: Adam Langley <>
References: <> <> <> <> <> <> <> <> <> <>
In-Reply-To: <>
X-Enigmail-Version: 0.95.6
X-ISI-4-43-8-MailScanner: Found to be clean
Subject: Re: [tcpm] Review of draft-ietf-tcpm-tcp-auth-opt-01
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"

Hash: SHA1


Adam Langley wrote:
| Some points from the discussion:
| Regarding NATs:
| Your reasoning, as I understood it, for not including an option to
| exclude the pseudoheader and port numbers for NAT traversal was that
| the host needs these items to lookup the correct key anyway.
| There are several situation where this is not the case. (I'll point
| out that I see TCP-AO as being useful outside the domain of securing
| BGP sessions between backbone routers)
| 1) A host installs a key on a listening socket with a wildcard
| address.

We don't support this use. There are no wildcard addresses in installed
keys; only the source port can be wildcarded.

| Thus, one can only connect to the socket if you know the key.
| The key probably rotates based on time. This is currently, usually
| done based on "port knocking" - which has always struck me as a messy
| solution. The resulting, ESTABLISHED connection knows the port numbers
| and IP addresses without having to establish it before hand.
| 2) An unauthenticated connection is established and the userland code
| wishes to upgrade to TCP-AO. Again, since the connection is
| established the keyset to use are implicit. I didn't know that the
| NONE mac was designed for upgrading like this. In my Linux patches
| there's a TCP_AUTH_LATCH option which means "accept unsigned packets
| until the first signed packet, then require signatures".

That's changing from NONE to a non-NONE MAC.

| Keyids:
| I agree that keeping the cryptography in the MAC is a good thing.
| There is an implementation issue about the number of keys that a
| kernel may have to store (80ish bytes per key * 256 keys * number of
| configured hosts), but that's not a spec problem.

Agreed. I'll try to capture that.

Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla -

tcpm mailing list