On 30 July 2014 10:25, Daniel Kahn Gillmor <d...@fifthhorseman.net> wrote:
> saying "optional protection" implies a bunch of complexity that bears on
> interoperability and negotiation issues; those really need to be nailed
> down to be evaluated properly.

One of those pieces of complexity is the handling of failures. Obviously, there is no benefit to having protection if you do nothing when someone has messed with your segments. I see two potential failure paths here: in one, hosts adaptively respond to damage by reducing what is protected. That is in line with the opportunistic nature of the mechanism, but it allows an attacker to erode any optional protections. The other failure mode is where you kill the connection in response to modifications, and we thereby create a disincentive to deploy tcpinc.

_______________________________________________
Tcpinc mailing list
Tcpinc@ietf.org
https://www.ietf.org/mailman/listinfo/tcpinc