Re: [dccp] DCCP specification updates

[Yoshifumi Nishida <nishida at csl.sony.co.jp>]

From: "Arnaldo Carvalho de Melo" <acme at ghostprotocols.net>
Subject: Re: [dccp] DCCP specification updates
Date: Wed, 15 Mar 2006 14:56:19 -0300
Message-ID: <39e6f6c70603150956v3ab13503yd30fad71d1bbd81b at mail.gmail.com>

 > On 3/15/06, Eddie Kohler <kohler at cs.ucla.edu> wrote:
 > > Hi all,
 > >
 > > We have proofread the DCCP spec in detail for AUTH48, and have found a number
 > > of technical nits.  There was one thing that I wanted to mention explicitly
 > > before AUTH48 ends.
 > >
 > > We propose to change the default value of the Allow Short Sequence Numbers
 > > feature to 0.
 > >
 > > Recap: DCCP sequence numbers can be either long (48 bits) or short (24 bits).
 > >   Short sequence numbers save header space, but leave connections at greater
 > > risk for attack (and sequence number wrapping).
 > >
 > > It seems like stack implementations should default to long sequence numbers,
 > > since this is safe, and allow short sequence numbers only if a connection is
 > > known to be data-limited.  We can indicate this in the spec by setting Allow
 > > Short Seqnos's default to 0.
 > >
 > > Quick comments OK.
 > 
 > FYI: The Linux implementation doesn't even support short sequence numbers
 > currently, haven't checked the NetBSD one.

The KAME implementaion includes minimal support for short seqeunce number.
If the shortseq variable in dccpcb is set to 1, DCCP tries to use
short sequecen number. However, no function to set the variable is implemented yet..
So, the proposal is quite OK.

Thanks,
--
Yoshifumi Nishida
nishida at csl.sony.co.jp