On 11 February 2015 at 18:55, David Mazieres <[email protected]> wrote:

>> I mean, if we protect the FIN and RST bits, once the security
>> association between the endpoints has occurred, an external attacker is
>> unable to disable the encryption, I believe.
>
> I agree, which is why I would like to see an option for protecting such
> metadata. I do think the FIN and RST should be considered separately,
> though, because FIN is easier to deal with and arguably worse. RST is
> potentially more controversial, so we would ideally have both options
> selectable by the administrator, default to something conservative but
> in the end let users and administrators vote with their configuration...
Both need to be protected equally to mitigate the attack. Fail to protect either and attackers will use that one.

The difference is in the consequences of protection. We could see a lot more connections enter zombie states if RST is protected (and protection is insisted upon); protecting FIN maybe less so.

_______________________________________________
Tcpinc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tcpinc
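A small added model of the trade-off discussed in this thread (constructed example, not tcpcrypt or TCP-ENO code): once both endpoints share a session key, a receiver can require a MAC over the FIN/RST flag before acting on it. A bare RST then cannot tear the session down, but the receiver also cannot distinguish an attacker's bare RST from the bare RST a legitimate peer sends after losing its key, which is the zombie-connection cost. Key material, segment fields and the `protect` setting are assumed for illustration.

```python
import hmac
import hashlib
from dataclasses import dataclass
from typing import FrozenSet, Iterable, Optional

# Constructed model, not tcpcrypt/TCP-ENO code: both endpoints hold a session
# key once the security association exists; a MAC over the control flag and
# sequence number is attached only by a sender that has the key.
@dataclass
class Segment:
    flags: str                  # "ACK", "FIN" or "RST"
    seq: int
    mac: Optional[bytes] = None

def mac_flags(key: bytes, flags: str, seq: int) -> bytes:
    return hmac.new(key, f"{flags}|{seq}".encode(), hashlib.sha256).digest()

@dataclass
class Endpoint:
    key: bytes
    protect: FrozenSet[str]     # control flags that must carry a valid MAC
    state: str = "ESTABLISHED"

    def send(self, flags: str, seq: int) -> Segment:
        return Segment(flags, seq, mac_flags(self.key, flags, seq))

    def receive(self, seg: Segment) -> str:
        if seg.flags in self.protect:
            expected = mac_flags(self.key, seg.flags, seg.seq)
            if seg.mac is None or not hmac.compare_digest(seg.mac, expected):
                return self.state   # unauthenticated control flag: ignore it
        if seg.flags == "RST":
            self.state = "CLOSED"
        elif seg.flags == "FIN":
            self.state = "CLOSE_WAIT"
        return self.state

def unauthenticated(flag: str, protect: Iterable[str]) -> str:
    """State after a bare (MAC-less) FIN or RST arrives. This is what an
    off-path sender can inject, but also what a legitimate peer that lost
    the key (crash, reboot) sends for a stale connection: protection cannot
    tell the two apart, which is where zombie connections come from."""
    ep = Endpoint(key=b"session-key", protect=frozenset(protect))
    return ep.receive(Segment(flag, seq=1000))

def authenticated(flag: str, protect: Iterable[str]) -> str:
    """State after the real peer, still holding the key, sends the flag."""
    key = b"session-key"
    ep = Endpoint(key=key, protect=frozenset(protect))
    peer = Endpoint(key=key, protect=frozenset(protect))
    return ep.receive(peer.send(flag, seq=1000))
```

With `protect` empty a bare RST closes the session; with both flags protected it is ignored whether it came from an attacker or from a rebooted peer, so an administrator choosing the conservative default is trading spoofed teardowns for lingering connections.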
