A nit

On 02/28/2011 01:40 PM, Dan Wing wrote:
> 6. The "Encapsulated Port Reuse" is defined in a section titled "DCCP Reset", which is confusing. Please fix.
>
> 7. The "Encapsulated Port Reuse" seems very scary, as I could spoof it -- it contains only three bytes: the DCCP packet type (1 byte) and UDP port number (2 bytes). This is insufficient considering its impact to an ongoing DCCP connection. More information needs to be included in the payload to prevent off-path attackers from abusing this.

Think this is a DCCP misunderstanding. Encapsulated Port Reuse is a subtype of the DCCP-Reset packet type. This Reset packet type, which is *not* particularly easy to spoof due to seqno checks and such, includes several subtype fields, namely Reason (Encapsulated Port Reuse) and 3 data bytes, which are defined as above.
Eddie
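
The sequence-number check this reply refers to, as an added example that is not part of the original message or of any DCCP implementation: a receiver parses a DCCP-Reset and accepts it only if its sequence and acknowledgement numbers fall inside the connection's current windows. Assumptions: the RFC 4340 header layout with 48-bit sequence numbers, Reset Code 12 for "Encapsulated Port Reuse", the three data bytes in the order the quoted text gives them, hypothetical function names, and constructed sample values.

```python
import struct

MOD48 = 1 << 48
DCCP_PKT_RESET = 7      # DCCP-Reset packet type (RFC 4340)
ENCAP_PORT_REUSE = 12   # assumed Reset Code for "Encapsulated Port Reuse"

def in_window(lo, x, hi, lo_open=False):
    """x in [lo, hi] (or (lo, hi]) using 48-bit circular arithmetic."""
    dist, span = (x - lo) % MOD48, (hi - lo) % MOD48
    return dist <= span and not (lo_open and dist == 0)

def build_reset(sport, dport, seqno, ackno, code, data3):
    """Constructed sample: DCCP-Reset with X=1, checksum left at 0."""
    hdr = struct.pack("!HHBBHBB", sport, dport, 7, 0, 0,
                      (DCCP_PKT_RESET << 1) | 1, 0)
    return (hdr + seqno.to_bytes(6, "big") + b"\x00\x00"
            + ackno.to_bytes(6, "big") + bytes([code]) + data3)

def parse_reset(pkt):
    """Return the Reset fields, or None if pkt is not a 48-bit-seqno Reset."""
    if len(pkt) < 28:
        return None
    _sp, _dp, doff, _cc, _ck, type_x, _rsv = struct.unpack_from("!HHBBHBB", pkt)
    if ((type_x >> 1) & 0x0F) != DCCP_PKT_RESET or not (type_x & 1) or doff < 7:
        return None
    return {
        "seqno": int.from_bytes(pkt[10:16], "big"),
        "ackno": int.from_bytes(pkt[18:24], "big"),
        "code": pkt[24],                                 # Reset Code (Reason)
        "pkt_type": pkt[25],                             # Data 1
        "udp_port": int.from_bytes(pkt[26:28], "big"),   # Data 2-3
    }

def accept_reset(pkt, gsr, swh, gar, awh):
    """RFC 4340 validity checks for a Reset on an open connection:
    GSR < seqno <= SWH and GAR <= ackno <= AWH. Checksum check omitted."""
    r = parse_reset(pkt)
    if r is None:
        return None
    if not in_window(gsr, r["seqno"], swh, lo_open=True):
        return None
    if not in_window(gar, r["ackno"], awh):
        return None
    return r
```

A sender that cannot observe the connection has to land both 48-bit numbers inside these windows before the Reason and data bytes are looked at at all.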