Re: [tcpm] Last Call: draft-ietf-tcpm-tcpsecure (Improving TCP's Robustness to Blind In-Window Attacks) to Proposed Standard

Brian E Carpenter <brian.e.carpenter@gmail.com> Fri, 17 April 2009 21:02 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 051EE3A6931; Fri, 17 Apr 2009 14:02:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.384
X-Spam-Level:
X-Spam-Status: No, score=-2.384 tagged_above=-999 required=5 tests=[AWL=0.215, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D3MrkIhZcSbI; Fri, 17 Apr 2009 14:02:12 -0700 (PDT)
Received: from ti-out-0910.google.com (ti-out-0910.google.com [209.85.142.184]) by core3.amsl.com (Postfix) with ESMTP id DA7493A683F; Fri, 17 Apr 2009 14:01:58 -0700 (PDT)
Received: by ti-out-0910.google.com with SMTP id 11so727791tim.25 for <multiple recipients>; Fri, 17 Apr 2009 14:03:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :organization:user-agent:mime-version:to:cc:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=7nRDlwYoLpo7QwVYp9YCSHamnh2n2yjmv3EiDul1u00=; b=JE2eSbkUgTor/ZknfHm1Jq7CFdOU+9EeMMGFFaldZxiQxN+Y2L6cPDVCdP/D0f6YwO ByBdZSWjp7B9bHKtW9FlRWXP98BY+zB3nToG0o/N18waX5PapORUt3XjawEOtzjyyFAu daR214Gh9cWbjV1uNCYkpAxATzrLPbInhfBug=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:organization:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; b=FrE+hu6i0hJ0fBYNaAdDMS4qdDk2/cX+ZVW2QaZ+jXpbgg0M/K1NWrqTV1dL/AAZiz Hl+DozI5Xg88n/3uBwG0vlFY0o6I+kijBhZyXtgadjiALAOTM1EuArlYS0ob9wIcGY0d 8uYhBhuhJWbRbdfrOMvlxJYOSoDXAv4XVCMGc=
Received: by 10.110.50.19 with SMTP id x19mr3247093tix.42.1240002192267; Fri, 17 Apr 2009 14:03:12 -0700 (PDT)
Received: from ?10.1.1.4? (118-93-162-236.dsl.dyn.ihug.co.nz [118.93.162.236]) by mx.google.com with ESMTPS id u12sm1225374tia.4.2009.04.17.14.03.08 (version=SSLv3 cipher=RC4-MD5); Fri, 17 Apr 2009 14:03:10 -0700 (PDT)
Message-ID: <49E8EE86.3010600@gmail.com>
Date: Sat, 18 Apr 2009 09:03:02 +1200
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Fernando Gont <fernando@gont.com.ar>
References: <20090402150706.EC83D28C222@core3.amsl.com> <49E3ADA4.1090402@gont.com.ar> <0C53DCFB700D144284A584F54711EC58070763E3@xmb-sjc-21c.amer.cisco.com> <be6497400904162214lbc16cf1oda737cb91ae88bf7@mail.gmail.com>
In-Reply-To: <be6497400904162214lbc16cf1oda737cb91ae88bf7@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Mailman-Approved-At: Wed, 22 Apr 2009 08:02:48 -0700
Cc: tcpm@ietf.org, "Anantha Ramaiah (ananth)" <ananth@cisco.com>, ietf@ietf.org
Subject: Re: [tcpm] Last Call: draft-ietf-tcpm-tcpsecure (Improving TCP's Robustness to Blind In-Window Attacks) to Proposed Standard
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Apr 2009 21:02:13 -0000

On 2009-04-17 17:14, Fernando Gont wrote:
> On Mon, Apr 13, 2009 at 10:23 PM, Anantha Ramaiah (ananth)
> <ananth@cisco.com> wrote:
> 
>>> * The document never mentions the fact that this document is
>>> IPR-encumbered. 
...

> I personally believe this should be noted in all RFCs on which there's
> a known IPR. However, Joel Halpern mentioned this is not current
> practice. If that's the case, I'd have no problem with leaving it "as
> is". (FWIW, if you look at our tcp-security document, we do recommend
> the implementation of the counter-measures you propose, but just note
> that there's an IPR, and that implementers should research how this
> would affect them).

Personal belief doesn't come into it. It's strictly defined in a BCP.
RFC3979 tells us the rules about this. Basically, the RFC Editor will
do what is required:

"4.  Actions for Documents for which IPR Disclosure(s) Have Been Received

   (A) When any Intellectual Property Right is disclosed before
       publication as an  RFC, with respect to any technology or
       specification, described in a Contribution in the manner set
       forth in Section 6 of this document, the RFC Editor shall ensure
       that the document include a note indicating the existence of such
       claimed Intellectual Property Rights in any RFC published from
       the Contribution.  (See Section 5 below.)"

[Section 5 defines the exact text to be included in such RFCs.
I believe you can use <?rfc iprnotified="yes"?> in xml2rfc.]

"11.  No IPR Disclosures in IETF Documents

   IETF and RFC Editor Documents must not contain any mention of
   specific IPR.  All specific IPR disclosures must be submitted as
   described in Section 6.  Specific IPR disclosures must not be in the
   affected IETF and RFC Editor Documents because the reader could be
   misled.  The inclusion of a particular IPR disclosure in a document
   could be interpreted to mean that the IETF, IESG, or RFC Editor has
   formed an opinion on the validity, enforceability, or applicability
   of the IPR.  The reader could also be misled to think that the
   included IPR disclosures are the only IPR disclosures the IETF has
   received concerning the IETF document.  Readers should always refer
   to the on-line web page to get a full list of IPR disclosures
   received by the IETF concerning any Contribution.
   (http://www.ietf.org/ipr/)"

      Brian