Re: [tsvwg] Comment on security considerations of draft-ietf-tsvwg-sctp-sack-immediately

Michael Tuexen <Michael.Tuexen@lurchi.franken.de> Thu, 14 March 2013 17:09 UTC

On Mar 11, 2013, at 4:36 PM, Gorry Fairhurst wrote:

> Michael,
> 
> Is there potential extra remote processing/capacity of sending segments with the I-bit or not?
> 
> (Am I correct in thinking that there is actually little extra work that can be forced on a receiver using this bit?)
> 
> It may be worth explaining why this is an issue or non-issue in the security considerations. If we do this it may be worth noting this, this may be better than assuming reviewers are familiar with SCTP.

Hi Gorry,

what about adding:
It should be noted that a malicious sender can force its peer to send
packets containing SACK chunks for each received packet containing DATA chunks instead
of every other. However, every receiver has to be able to do this anyway.
It might be configured to do so or has to do this because of packet loss or reordering in the network.

Best regards
Michael
> 
> Gorry
>
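
The effect described in the proposed text, as an added example that is not part of the original e-mail or of the draft: a parser that finds the I bit (0x08 in the DATA chunk flags) in SCTP packets and counts the SACKs a receiver would send. It assumes a simplified receiver with no delayed-SACK timer, no loss and no reordering; the ports, verification tag and payloads are constructed sample values.

```python
import struct

DATA, I_BIT = 0x00, 0x08  # DATA chunk type; I bit in the DATA chunk flags

def data_chunk(tsn, i_bit=False, payload=b"x"):
    """Build one DATA chunk (constructed sample input, B and E bits set)."""
    flags = 0x03 | (I_BIT if i_bit else 0)
    length = 16 + len(payload)
    # type, flags, length, TSN, stream id, stream sequence number, PPID
    body = struct.pack("!BBHIHHI", DATA, flags, length, tsn, 0, 0, 0) + payload
    return body + b"\x00" * (-length % 4)  # chunks are padded to 4 bytes

def packet(*chunks):
    """Prefix the 12-byte common header (constructed ports/tag, checksum left 0)."""
    return struct.pack("!HHII", 5000, 5001, 0x1234, 0) + b"".join(chunks)

def classify(pkt):
    """Return (has_data, wants_immediate_sack) for one SCTP packet."""
    off, has_data, immediate = 12, False, False
    while off + 4 <= len(pkt):
        ctype, flags, length = struct.unpack_from("!BBH", pkt, off)
        if length < 4 or off + length > len(pkt):
            break  # malformed chunk length: stop parsing this packet
        if ctype == DATA:
            has_data = True
            immediate |= bool(flags & I_BIT)
        off += length + (-length % 4)
    return has_data, immediate

def sacks_sent(packets):
    """Simplified receiver: SACK every second DATA packet, or at once on the I bit."""
    sacks = pending = 0
    for pkt in packets:
        has_data, immediate = classify(pkt)
        if not has_data:
            continue
        pending += 1
        if immediate or pending == 2:
            sacks += 1
            pending = 0
    return sacks

normal = [packet(data_chunk(tsn)) for tsn in range(10)]
forced = [packet(data_chunk(tsn, i_bit=True)) for tsn in range(10)]
print(sacks_sent(normal), sacks_sent(forced))
```

The per-packet SACK rate in the second case is the same one the receiver already produces when it is configured to acknowledge every packet, which is the point the proposed text makes.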