Security Assessment of TCP (was: draft-gont-tcp-security)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello, folks,

A few months ago there had been a thread on this list about the
publication of the UK CPNI document "Security Assessment of the
Transmission Control Protocol (TCP)" (available at:
http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf).

After the publication of that document, I produced an IETF I-D version
of it, which is available at:
http://tools.ietf.org/html/draft-gont-tcp-security-00

Two possible venues for this document are tcpm and opsec. And we're
currently trying to figure out the best path forward.

One of the tcpm co-chairs (Wesley Eddy) has started a thread on this
issue (see bellow).

My personal take is that the IETF is responsible for the maintenance of
its protocols, and this effort carried ut by the UK CPNI should be
welcome, and the IETF should take the chance and benefit from this work
to publish advice on TCP security/resiliency.

Thanks!

Kind regards,
Fernando Gont




-------- Original Message --------
Subject: draft-gont-tcp-security
Date: Mon, 13 Apr 2009 09:19:43 -0500
From: Eddy, Wesley M. (GRC-RCN0)[Verizon] <wesley.m.eddy@xxxxxxxx>
To: tcpm@xxxxxxxx <tcpm@xxxxxxxx>
CC: Fernando Gont <fernando@xxxxxxxxxxx>, Joe Abley
<jabley@xxxxxxxxxxxxxxx>,        Joel Jaeggli <joelja@xxxxxxxxx>,
 "rbonica@xxxxxxxxxxx" <rbonica@xxxxxxxxxxx>

Fernando has a draft intended for BCP, that has been discussed somewhat
on the OPSEC and IETF mailing lists:

http://tools.ietf.org/html/draft-gont-tcp-security-00

Since it concerns TCP and facets of both TCP implementation and stack
configuration, TCPM holds the most technical ability to evaluate or
work on this, in my opinion.

As I understand, Fernando is interested in having this document done
as a WG item, but hasn't gotten clear signals as to whether OPSEC or
TCPM would be more appropriate, or on the relative level of support in
the WGs to read/review/revise the material.

It is a big document, but if TCPM'ers could take a look at it and let
us know if they would support this in TCPM as a WG item, that would be
very helpful.  Or if you have other thoughts about how to handle it,
of course share those too :).

We don't really need a detailed review at this point ... just a
discussion of whether there would be support for this work to happen
in TCPM, if it's worthwhile, if it should be done somewhere else, etc.

---------------------------
Wes Eddy
Network & Systems Architect
Verizon FNS / NASA GRC
Office: (216) 433-6682
---------------------------



-- 
Fernando Gont
e-mail: fernando@xxxxxxxxxxx || fgont@xxxxxxx
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1




_______________________________________________

Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]