Re: [tcpm] WGLC: draft-ietf-tcpm-tcpsecure-10.txt

Joe Touch <touch@ISI.EDU> Mon, 29 September 2008 14:53 UTC

FWIW, it seems like RFC1122 should be moved to normative.

Regarding some of the recent thread regarding the numbers in section
1.3 (Ted's comments, "finish the math"), I've noted before, as well,
that section 1.3 is redundant with RFC4953. Replicating the math isn't
needed. Also, the prediction regarding the impact of BW on the attack is
a guess in this doc, whereas in RFC4953 the relationship is explained.

Joe

David Borman wrote:
> 
> On Sep 28, 2008, at 4:03 PM, Anantha Ramaiah (ananth) wrote:
> 
>>> P24:
>>>
>>> Why are RFCs 4302 and 4303 normative?  And if they are why
>>> isn't RFC2385?  They're all referred to as possible
>>> mitigations.  My preference is making 4302 and 4303
>>> non-normative, but it's very likely that I'm missing a rule here.
>>
>> I am not sure about the rules here?  David/Wes what needs to be done
>> here?
> 
> Typically normative references are things that a document depends on for
> understanding and/or implementation.  The only references to RFC 4302 &
> 4303 are to say that the only real way to secure a connection is using
> IPsec, and since this document deals with the absence of them, I agree
> with Ted, these should be informative references.
> 
>             -David
> 
> _______________________________________________
> tcpm mailing list
> tcpm@ietf.org
> https://www.ietf.org/mailman/listinfo/tcpm