Re: Fwd: Security Assessment of the Transmission Control Protocol (TCP)

From: Keith Moore <moore at network-heretics.com>
To: Marshall Eubanks <tme at multicasttech.com>
Cc: IETF discussion list <ietf at ietf.org>
Date: Fri, 13 Feb 2009 20:18:19 -0500
In-reply-to: <0B030ADA-F621-4FDF-9CAF-23A27C16E26B at multicasttech.com>
References: <4994A4EB.5030607 at gmail.com> <0B030ADA-F621-4FDF-9CAF-23A27C16E26B at multicasttech.com>

Marshall Eubanks wrote:
> If I am reading this correctly the UK Centre for the Protection of
> National Infrastructure
> wants the IETF (or some other body) to produce a "companion document to
> the IETF specifications that discusses the security aspects and
> implications of the protocols, identifies the existing vulnerabilities,
> discusses the possible countermeasures, and analyses their respective
> effectiveness."

It's difficult to imagine that these things could be adequately captured
in a static document, for TCP or any other protocol, because new threats
and countermeasures continue to be identified decades after the base
protocol is well-settled.  Maybe something like an expanded version of
the RFC Editor's errata pages would be more appropriate?

Follow-Ups:
- Re: Fwd: Security Assessment of the Transmission Control Protocol (TCP)
  - From: Joel Jaeggli

References:
- Fwd: Security Assessment of the Transmission Control Protocol (TCP)
  - From: Marshall Eubanks

Prev by Date: Re: How we got here, RE: References to Redphone's "patent"
Next by Date: RE: References to Redphone's "patent"
Previous by thread: Fwd: Security Assessment of the Transmission Control Protocol (TCP)
Next by thread: Re: Fwd: Security Assessment of the Transmission Control Protocol (TCP)
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Re: Fwd: Security Assessment of the Transmission Control Protocol (TCP)

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.