Re: [TERNLI] Forwarding corrupt packets

Gorry Fairhurst <gorry@erg.abdn.ac.uk> Tue, 05 September 2006 15:48 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GKdA1-0001Ml-CU; Tue, 05 Sep 2006 11:48:25 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GKd9z-0001MS-TY for ternli@ietf.org; Tue, 05 Sep 2006 11:48:23 -0400
Received: from [2001:630:241:204:203:baff:fe9a:8c9b] (helo=erg.abdn.ac.uk) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GKd9y-00051g-DO for ternli@ietf.org; Tue, 05 Sep 2006 11:48:23 -0400
Received: from [10.0.1.28] (maxp19.dialup.abdn.ac.uk [139.133.201.178]) (authenticated bits=0) by erg.abdn.ac.uk (8.13.4/8.13.4) with ESMTP id k85Fk2C5013119 (version=TLSv1/SSLv3 cipher=DES-CBC3-SHA bits=168 verify=NOT); Tue, 5 Sep 2006 16:47:36 +0100 (BST)
User-Agent: Microsoft-Entourage/11.2.4.060510
Date: Tue, 05 Sep 2006 16:44:06 +0100
Subject: Re: [TERNLI] Forwarding corrupt packets
From: Gorry Fairhurst <gorry@erg.abdn.ac.uk>
To: Michael Tuexen <Michael.Tuexen@lurchi.franken.de>, Joe Touch <touch@ISI.EDU>
Message-ID: <C12359D6.5D13%gorry@erg.abdn.ac.uk>
Thread-Topic: [TERNLI] Forwarding corrupt packets
Thread-Index: AcbRAh6XXPg7kjz1Edu/HwAKlc/qXg==
In-Reply-To: <FC8103E1-1833-46CE-BF31-925890F0BEFB@lurchi.franken.de>
Mime-version: 1.0
Content-type: text/plain; charset="US-ASCII"
Content-transfer-encoding: 7bit
X-ERG-MailScanner: Found to be clean
X-ERG-MailScanner-From: gorry@erg.abdn.ac.uk
X-Spam-Status: No
X-Spam-Score: -2.8 (--)
X-Scan-Signature: 082a9cbf4d599f360ac7f815372a6a15
Cc: ternli@ietf.org
X-BeenThere: ternli@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Transport-Enhancing Refinements to the Network Layer Interface <ternli.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ternli>, <mailto:ternli-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/ternli>
List-Post: <mailto:ternli@ietf.org>
List-Help: <mailto:ternli-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ternli>, <mailto:ternli-request@ietf.org?subject=subscribe>
Errors-To: ternli-bounces@ietf.org

This seems fine, the "risk" is only from on-path devices, same as for
TCP,etc. 

Gorry

On 5/9/06 06:49, "Michael Tuexen" <Michael.Tuexen@lurchi.franken.de>; wrote:

> Hi Joe,
> 
> comments in-line.
> 
> Best regards
> Michael
> 
> On Sep 5, 2006, at 2:24 AM, Joe Touch wrote:
> 
>> 
>> 
>> Michael Tuexen wrote:
>>> Hi Joe,
>>> 
>>> comments in-line.
>>> 
>>> Best regards
>>> Michael
>>> 
>>> On Sep 5, 2006, at 12:50 AM, Joe Touch wrote:
>>> 
>>>> 
>>>> 
>>>> Michael Tuexen wrote:
>>>>> Hi Michael,
>>>>> 
>>>>> see my comments in-line.
>>>> ...
>>>>> I think we have to consider two cases:
>>>>> - An on path attacker....
>>>>> - An off path attacker. ...
>>>> 
>>>> Checksums are not protection from attacks.
>>> Correct.
>>> But the question was could the PKTDRP report be used for an attack.
>> 
>> If it isn't signed, then yes. But that holds for any message.
> Correct.
>> 
>>> What
>>> I wanted to
>>> make clear is the an on path attacker can use it, but he can do this
>>> even without PKTDRP.
>>> An off path attacker has the same problem as for basic SCTP
>>> without PKTDRP.
>> 
>> Aren't these statements true for any unsigned SCTP message?
> Correct. That was my point. SCTP with PKTDRP is not less safe than
> pure SCTP.
>> 
>> Joe
>> 
>