Re: [TERNLI] Forwarding corrupt packets

Michael Welzl <michael.welzl@uibk.ac.at> Tue, 05 September 2006 07:16 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GKVA9-0005EI-R6; Tue, 05 Sep 2006 03:16:01 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GKVA8-0005EC-DI for ternli@ietf.org; Tue, 05 Sep 2006 03:16:00 -0400
Received: from gibson.q2s.ntnu.no ([129.241.205.18]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GKVA6-00076V-2r for ternli@ietf.org; Tue, 05 Sep 2006 03:16:00 -0400
Received: from dhcp103.q2s.ntnu.no (dhcp103.q2s.ntnu.no [129.241.205.103]) by gibson.q2s.ntnu.no (Postfix) with ESMTP id 852AA2DD32E; Tue, 5 Sep 2006 09:15:56 +0200 (CEST)
Subject: Re: [TERNLI] Forwarding corrupt packets
From: Michael Welzl <michael.welzl@uibk.ac.at>
To: Michael Tuexen <Michael.Tuexen@lurchi.franken.de>
In-Reply-To: <4E862E2A-DF85-47C1-98A1-991F3CB58B27@lurchi.franken.de>
References: <1157097623.3192.34.camel@lap10-c703.uibk.ac.at> <44F83E74.1080603@isi.edu> <1157121036.3192.148.camel@lap10-c703.uibk.ac.at> <44F84AD5.7070307@isi.edu> <1157131227.3192.220.camel@lap10-c703.uibk.ac.at> <44F8780D.9060503@isi.edu> <1157356740.3197.57.camel@lap10-c703.uibk.ac.at> <85C961BE-2B32-4A31-8235-49CCDCF1332D@lurchi.franken.de> <44FC2484.50201@erg.abdn.ac.uk> <EE4E54BA-BCEB-4DD7-86AB-B2A44A24ACD0@lurchi.franken.de> <44FC2CA7.90602@erg.abdn.ac.uk> <57784F3E-B93A-4D49-AEBA-F1124D952302@lurchi.franken.de> <1157390125.3291.43.camel@lap10-c703.uibk.ac.at> <4E862E2A-DF85-47C1-98A1-991F3CB58B27@lurchi.franken.de>
Content-Type: text/plain
Organization: University of Innsbruck
Message-Id: <1157440551.3195.3.camel@lap10-c703.uibk.ac.at>
Mime-Version: 1.0
X-Mailer: Ximian Evolution 1.2.2 (1.2.2-4)
Date: 05 Sep 2006 09:15:52 +0200
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 39bd8f8cbb76cae18b7e23f7cf6b2b9f
Cc: Randall Stewart <rrs@cisco.com>, ternli@ietf.org, Joe Touch <touch@ISI.EDU>
X-BeenThere: ternli@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Transport-Enhancing Refinements to the Network Layer Interface <ternli.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ternli>, <mailto:ternli-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/ternli>
List-Post: <mailto:ternli@ietf.org>
List-Help: <mailto:ternli-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ternli>, <mailto:ternli-request@ietf.org?subject=subscribe>
Errors-To: ternli-bounces@ietf.org

> I'll not respond the next week, because I'll be on vacation :-)

there's still quite a bit of this week left   :-)


> So I do not think that this adds an additional threat to SCTP.
> But if you have an attack in mind, I would be very interested
> to think about it. We (the authors of the ID) do NOT want to
> make SCTP with that extension weaker than without.

I don't have a particular attack in mind, and what you said
sounds convincing. I just shared my initial feelings...
I'd like to leave the security check to Joe who certainly
knows a lot more about these things (security is one particular
weakness of mine, so I should probably just shut up).


> >       The DATA
> >       chunk should be treated just as if it had been marked for fast
> >       retransmit with the exception that no adjustment should be  
> > made to
> >       the value of cwnd (providing that the receiver can validate a
> >       portion of the packet as being what was sent).
> What we know is:
> - the payload was corrupted (the SCTP common header was intact)
> - the receiver proofed that he got the packet. So it is not in the
>    network anymore
> We assume that this is NOT an indication of congestion. So we can  
> fast retransmit
> it...

I fully agree about fast retransmitting. It's the "no adjustment
should be made to the value of cwnd" part that worries me.

Cheers,
Michael