[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [OPSEC] [tcpm] draft-gont-tcp-security

To: Fernando Gont <fernando at gont.com.ar>
Subject: Re: [OPSEC] [tcpm] draft-gont-tcp-security
From: Todd Glassey <tglassey at earthlink.net>
Date: Tue, 14 Apr 2009 12:21:23 -0700
Cc: "'tcpm at ietf.org'" <tcpm at ietf.org>, "'ietf at ietf.org'" <ietf at ietf.org>, Joe Touch <touch at ISI.EDU>, 'Joe Abley' <jabley at ca.afilias.info>, "'opsec at ietf.org'" <opsec at ietf.org>, Lars Eggert <lars.eggert at nokia.com>
Delivered-to: opsec at core3.amsl.com
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=earthlink.net; b=ELMvYCbh+jvv0ubaw5sa+uuFZtDbE65BIFf6OzXhtS2DTBhp08l5OANDhMZ8PUYj; h=Received:Message-ID:Date:From:User-Agent:MIME-Version:To:CC:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding:X-ELNK-Trace:X-Originating-IP;
In-reply-to: <49E4D257.40504 at gont.com.ar>
List-archive: <http://www.ietf.org/mail-archive/web/opsec>
List-help: <mailto:opsec-request@ietf.org?subject=help>
List-id: opsec wg mailing list <opsec.ietf.org>
List-post: <mailto:opsec@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
References: <C304DB494AC0C04C87C6A6E2FF5603DB221318F5E8 at NDJSSCC01.ndc.nasa.g ov><49E36AB9.40507 at isi.edu> <49E384E9.1050106 at gont.com.ar><49E3878C.9080200 at isi.edu> <49E39119.1060902 at gont.com.ar> <B01905DA0C7CDC478F42870679DF0F1004BC4176D0 at qtdenexmbm24.AD.QINTRA.COM> <49E3A88F.9060301 at gont.com.ar> <49E3ABC0.1050601 at isi.edu> <49E3B9BF.1060901 at gont.com.ar> <49E3BED9.1030701 at isi.edu> <C9E987CC-0213-4C67-BA0A-11C736772EE7 at nokia.com> <49E4D257.40504 at gont.com.ar>
User-agent: Thunderbird 2.0.0.21 (Windows/20090302)

Fernando Gont wrote:

Lars Eggert wrote:

I agree with Joe that some of the hardening techniques that vendors are
implementing come with consequences (make TCP more brittle). To me, this
is a *reason* this document should be published via the IETF (i.e.,
TCPM) - we are probably in the best position to correctly evaluate and
classify the impact of various hardening techniques. Stack vendors have
been putting these mechanisms in to their stacks without clear
specifications and discussions of the potential upsides and downsides
that would let them make an educated decision. It seems clear to me that
the vendor community is looking for guidance here, and I do believe the
IETF should give it.


This is the reason for which the output of the CPNI project was
submitted as an IETF I-D.

Yeah - so then this would be tested across all of the local TCPimplementations including the MS, AT&T *(i.e. Lachman Associates Inc)and possibly Mentat's fast system?

Kind regards,
------------------------------------------------------------------------
No virus found in this incoming message.
Checked by AVG - www.avg.comVersion: 8.0.238 / Virus Database: 270.11.57/2059 - Release Date: 04/14/09 14:52:00

Follow-Ups:
- Re: [OPSEC] [tcpm] draft-gont-tcp-security
  - From: Lars Eggert

References:
- Re: [OPSEC] [tcpm] draft-gont-tcp-security
  - From: Fernando Gont
- Re: [OPSEC] [tcpm] draft-gont-tcp-security
  - From: Smith, Donald
- Re: [OPSEC] [tcpm] draft-gont-tcp-security
  - From: Fernando Gont
- Re: [OPSEC] [tcpm] draft-gont-tcp-security
  - From: Joe Touch
- Re: [OPSEC] [tcpm] draft-gont-tcp-security
  - From: Fernando Gont
- Re: [OPSEC] [tcpm] draft-gont-tcp-security
  - From: Joe Touch
- Re: [OPSEC] [tcpm] draft-gont-tcp-security
  - From: Lars Eggert
- Re: [OPSEC] [tcpm] draft-gont-tcp-security
  - From: Fernando Gont

Prev by Date: Re: [OPSEC] [tcpm] draft-gont-tcp-security
Next by Date: Re: [OPSEC] [tcpm] draft-gont-tcp-security
Previous by thread: Re: [OPSEC] [tcpm] draft-gont-tcp-security
Next by thread: Re: [OPSEC] [tcpm] draft-gont-tcp-security
Index(es):
- Date
- Thread