> -----Original Message-----
> From: Eddie Kohler [mailto:kohler@xxxxxxxxxxx]
> Sent: Monday, February 28, 2011 2:41 PM
> To: Dan Wing
> Cc: ''dccp' working group'; draft-ietf-dccp-udpencap@xxxxxxxxxxxxxx
> Subject: Re: WGLC for draft-ietf-dccp-udpencap
>
> A nit
>
> On 02/28/2011 01:40 PM, Dan Wing wrote:
> > 6. The "Encapsulated Port Reuse" is defined in a section titled
> > "DCCP Reset", which is confusing. Please fix.
> >
> > 7. The "Encapsulated Port Reuse" seems very scary, as I could
> > spoof it -- it contains only three bytes: the DCCP packet type
> > (1 byte) and UDP port number (2 bytes). This is insufficient
> > considering its impact to an ongoing DCCP connection. More
> > information needs to be included in the payload to prevent
> > off-path attackers from abusing this.
>
> Think this is a DCCP misunderstanding. Encapsulated Port Reuse is a subtype
> of the DCCP-Reset packet type. This Reset packet type, which is *not*
> particularly easy to spoof due to seqno checks and such, includes several
> subtype fields, namely Reason (Encapsulated Port Reuse) and 3 data bytes,
> which are defined as above.

Ah. That does make more sense. Thanks.

So, taking the diagram in section 3,

     +-----------------------------------+
     | IP Header (IPv4 or IPv6)          | Variable length
     +-----------------------------------+
     | UDP Header                        | 8 bytes
     +-----------------------------------+
     | DCCP Generic Header               | 12 or 16 bytes
     +-----------------------------------+
     | Additional (type-specific) Fields | Variable length (could be 0)
     +-----------------------------------+
     | DCCP Options                      | Variable length (could be 0)
     +-----------------------------------+
     | Application Data Area             | Variable length (could be 0)
     +-----------------------------------+

the 'Encapsulated Port Reuse' error is a field value within the DCCP
Generic Header, and would be registered with
http://www.iana.org/assignments/dccp-parameters/dccp-parameters.xml#dccp-parameters-2

Ok, thanks for clarifying that.

-d
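
Added example (not part of the thread or the draft): a receiver-side sketch of the seqno checks the quoted reply refers to, parsing a DCCP-Reset that follows the UDP header and testing it against the connection's windows. It assumes the RFC 4340 header layout and the Reset window rule from RFC 4340 section 7.5.1; the function names, receiver state and sample packets are constructed, and the Reset Code value is a placeholder because the thread gives no number.

```python
import struct

DCCP_RESET = 7           # DCCP-Reset packet type (RFC 4340)
MOD48 = 1 << 48          # sequence numbers are 48-bit and wrap
PLACEHOLDER_CODE = 0xEE  # constructed stand-in; the thread gives no Reset Code number

def parse_reset(dccp: bytes) -> dict:
    """Parse a DCCP-Reset starting at the generic header (just after the UDP header)."""
    if len(dccp) < 28:
        raise ValueError("too short for a DCCP-Reset")
    _sport, _dport, doff, _cc, _cksum, type_x = struct.unpack_from("!HHBBHB", dccp)
    ptype, x = (type_x >> 1) & 0x0F, type_x & 1
    # Reset must use the 16-byte generic header (X=1) plus an 8-byte ack subheader.
    if ptype != DCCP_RESET or x != 1 or not 28 <= doff * 4 <= len(dccp):
        raise ValueError("not a well-formed DCCP-Reset")
    return {
        "seqno": int.from_bytes(dccp[10:16], "big"),
        "ackno": int.from_bytes(dccp[18:24], "big"),
        "reset_code": dccp[24],
        # Data bytes as described in the thread: packet type (1) + UDP port (2).
        "offending_type": dccp[25],
        "udp_port": struct.unpack_from("!H", dccp, 26)[0],
    }

def _between(lo: int, x: int, hi: int) -> bool:
    """lo <= x <= hi in circular 48-bit space."""
    return (x - lo) % MOD48 <= (hi - lo) % MOD48

def reset_in_window(pkt: dict, gsr: int, swh: int, gar: int, awh: int) -> bool:
    """RFC 4340 sec. 7.5.1 rule for Reset: GSR < seqno <= SWH, GAR <= ackno <= AWH."""
    return (_between((gsr + 1) % MOD48, pkt["seqno"], swh)
            and _between(gar, pkt["ackno"], awh))

def build_sample(seqno: int, ackno: int, port: int = 40000) -> bytes:
    """Constructed Reset for the demo; checksum left 0 and not verified here."""
    gen = struct.pack("!HHBBHB", 5001, 5002, 7, 0, 0, (DCCP_RESET << 1) | 1)
    gen += b"\x00" + seqno.to_bytes(6, "big")
    ack = b"\x00\x00" + ackno.to_bytes(6, "big")
    return gen + ack + bytes([PLACEHOLDER_CODE, 0]) + struct.pack("!H", port)

if __name__ == "__main__":
    state = dict(gsr=1000, swh=1100, gar=500, awh=600)   # constructed receiver state
    for seq, ack in [(1001, 550), (0x123456789A, 0)]:    # in-window vs. out-of-window
        pkt = parse_reset(build_sample(seq, ack))
        verdict = "sequence-valid" if reset_in_window(pkt, **state) else "sequence-invalid"
        print(seq, ack, verdict)
```

The three data bytes are only interpreted after the 48-bit sequence and acknowledgement numbers have passed the window test, so the short payload is not the only thing a receiver checks.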