> Title : Port Randomization
> Author(s) : M. Larsen, F. Gont
> Filename : draft-ietf-tsvwg-port-randomization-02.txt
> Pages : 28
> Date : 2008-08-31

Hi, Fernando,

A few comments, the latter mostly by Ananth's draft:

- it might be useful to simplify the abstract
  some of the context can be moved to the intro,
  i.e., the abstract can just refer to being 'inspired by recent attacks' as RFC1948 does

- it might be useful to refer to RFC1948 earlier, e.g., in the intro
  this doc very closely parallels RFC1948, so raising that point earlier might be useful to the reader

- I'm not clear on the utility of the bit array to avoid reserved ports
  if the source port is selected on CONNECT, the TCB will be correctly associated with the issuing process, not any other process listening on that port
  the only value is in debugging - i.e., assuming that port=service, but that doesn't always mean anything specific anyway, since kernels don't prohibit use of allocated ports anyway (i.e., no reason this mechanism needs to do more than a kernel would in preventing a user from setting a specific source port at the app layer)

Joe