On Mon, Dec 14, 2015 at 4:50 PM, Alexey Eromenko <al4321@xxxxxxxxx> wrote:
>>> Just moving to TCP/IP to CRC32 will *not* solve the issue of
>>> middleboxes mangling our data.
>>>
>>
>> isn't the solution to all of this to just use TLS ? (or DTLS for udp)
>>
>
> TLS/SSL is one solution; But there needs to be a solution for
> unencrypted traffic also.

sure: "Move to encrypted traffic"

providing any real 'security' (or even 'people did not muck with my
packet') without real crypto is going to send the wrong message.

> TCP is supposed to guarantee end-to-end reliability, but sometimes it
> doesn't. (and with 2^16 checksums, at modern 1 Gig home links, it
> really can't...)

it SEEMS to work just fine... right? or did I miss the general uproar
from users who can't access internet things?

I suppose:
  "Why are we trying to solve this in tcp/udp? why not solve this at
  the application layer with TLS?"
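Added example, not part of the original message or thread: a comparison of the 16-bit Internet checksum (RFC 1071) with a keyed MAC on a payload whose 16-bit words were reordered in transit. The payload, the key and the helper names are constructed for illustration, and the checksum is computed over the payload only, without the TCP pseudo-header.

```python
import hashlib
import hmac
import struct


def internet_checksum(data: bytes) -> int:
    """RFC 1071 16-bit one's-complement checksum (payload only)."""
    if len(data) % 2:
        data += b"\x00"  # pad to a whole number of 16-bit words
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def swap_words(data: bytes, i: int, j: int) -> bytes:
    """Exchange 16-bit words i and j, as a buggy middlebox rewrite might."""
    buf = bytearray(data)
    a, b = slice(2 * i, 2 * i + 2), slice(2 * j, 2 * j + 2)
    buf[a], buf[b] = buf[b], buf[a]
    return bytes(buf)


def detected_by_checksum(original: bytes, received: bytes) -> bool:
    """True if the receiver's checksum comparison would flag the change."""
    return internet_checksum(original) != internet_checksum(received)


def detected_by_hmac(key: bytes, tag: bytes, received: bytes) -> bool:
    """True if HMAC-SHA256 verification would reject the received bytes."""
    expected = hmac.new(key, received, hashlib.sha256).digest()
    return not hmac.compare_digest(tag, expected)


# Constructed sample data (assumptions, not taken from the thread).
KEY = b"constructed-demo-key"
ORIGINAL = b"GET /a/b HTTP/1.1\r\n"
MANGLED = swap_words(ORIGINAL, 2, 3)  # becomes b"GET /b/a HTTP/1.1\r\n"
TAG = hmac.new(KEY, ORIGINAL, hashlib.sha256).digest()

if __name__ == "__main__":
    print("payload changed:       ", MANGLED != ORIGINAL)
    print("checksum notices:      ", detected_by_checksum(ORIGINAL, MANGLED))
    print("HMAC-SHA256 notices:   ", detected_by_hmac(KEY, TAG, MANGLED))
```

The checksum is a sum of 16-bit words, so it is blind to reordering, and because it is unkeyed, any device that rewrites a segment can also recompute it; only the keyed check ties the bytes to something the path does not hold.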