On 12/02/15 at 00:07, Martin Thomson wrote:
> On 11 February 2015 at 18:55, David Mazieres
> <[email protected]> wrote:
>>> I mean, if we protect the FIN and RST bits, once the security
>>> association between the endpoints has occurred, an external attacker is
>>> unable to disable the encryption, I believe.
>> I agree, which is why I would like to see an option for protecting such
>> metadata.  I do think the FIN and RST should be considered separately,
>> though, because FIN is easier to deal with and arguably worse.  RST is
>> potentially more controversial, so we would ideally have both options
>> selectable by the administrator, default to something conservative but
>> in the end let users and administrators vote with their configuration...
>
> Both need to be protected equally to mitigate the attack. Fail to
> protect either and attackers will use that one.

Agree.

> The difference is in
> the consequences of protection.  We could see a lot more connections
> enter zombie states if RST is protected (and protection is insisted
> upon); protecting FIN maybe less so.

I guess that depends on the solution we pick, but yes, protecting RSTs is
more challenging.

_______________________________________________
Tcpinc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tcpinc
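The trade-off argued in the thread above, as an added toy model that is not tcpcrypt or TCP-ENO code and not anything either participant posted: an endpoint that, once a session key exists, only honours FIN and RST segments carrying a MAC under that key. The segment layout, the HMAC-SHA256 tag, the per-flag switches and the `ZOMBIE_TIMEOUT` idle reaper are all constructed assumptions made for the illustration. Running the scenarios shows the two points made in the thread: a forged RST from a party without the key is discarded only when RST is actually covered (protect just FIN and the unprotected flag is the one that still tears the connection down), and covering RST means a peer that has lost its state (reboot, key gone) can no longer be heard when it legitimately resets, so the surviving side sits in a zombie state until an idle timer clears it.

```python
"""Toy model: a TCP endpoint that authenticates FIN/RST once a session key exists.

Constructed illustration for the tcpinc discussion; not tcpcrypt/TCP-ENO code.
Segment layout, MAC construction and the idle timer are assumptions of this model.
"""
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional

FIN, RST = 0x01, 0x04        # the two control flags under discussion
ZOMBIE_TIMEOUT = 300         # assumed: seconds of silence before a stuck connection is reaped


@dataclass
class Segment:
    flags: int
    seq: int
    tag: Optional[bytes] = None   # MAC over (flags, seq); None when the sender holds no session key


def control_mac(key: bytes, flags: int, seq: int) -> bytes:
    """Tag binding the control flags to the sequence number under the session key (assumed layout)."""
    return hmac.new(key, bytes([flags]) + seq.to_bytes(4, "big"), hashlib.sha256).digest()[:16]


@dataclass
class Endpoint:
    key: Optional[bytes]      # session key after the security association; None before it or after state loss
    protect_fin: bool
    protect_rst: bool
    state: str = "ESTABLISHED"
    idle: int = 0             # seconds since the last accepted segment
    dropped: int = 0          # control segments discarded for failing authentication

    def send_control(self, flags: int, seq: int) -> Segment:
        tag = control_mac(self.key, flags, seq) if self.key else None
        return Segment(flags, seq, tag)

    def receive(self, seg: Segment) -> str:
        must_auth = (self.protect_fin and seg.flags & FIN) or (self.protect_rst and seg.flags & RST)
        if must_auth:
            ok = (self.key is not None and seg.tag is not None
                  and hmac.compare_digest(seg.tag, control_mac(self.key, seg.flags, seg.seq)))
            if not ok:
                self.dropped += 1
                return self.state        # silently discarded; connection state unchanged
        self.idle = 0
        if seg.flags & RST:
            self.state = "CLOSED"
        elif seg.flags & FIN:
            self.state = "CLOSE_WAIT"
        return self.state

    def tick(self, seconds: int) -> str:
        """Idle reaper: the only way out for a connection whose peer can no longer authenticate a RST."""
        self.idle += seconds
        if self.state == "ESTABLISHED" and self.idle >= ZOMBIE_TIMEOUT:
            self.state = "CLOSED"
        return self.state


def forged_rst_both_flags_protected() -> str:
    """An untagged RST from a party that never held the key leaves the connection intact."""
    victim = Endpoint(secrets.token_bytes(32), protect_fin=True, protect_rst=True)
    return victim.receive(Segment(RST, seq=1000))          # "ESTABLISHED"


def forged_rst_only_fin_protected() -> str:
    """Protect only FIN and the unprotected RST still works: the weaker flag is the one that gets used."""
    victim = Endpoint(secrets.token_bytes(32), protect_fin=True, protect_rst=False)
    return victim.receive(Segment(RST, seq=1000))          # "CLOSED"


def legitimate_fin_between_keyed_peers() -> str:
    """A peer holding the key closes normally; protection costs it nothing."""
    key = secrets.token_bytes(32)
    a, b = Endpoint(key, True, True), Endpoint(key, True, True)
    return b.receive(a.send_control(FIN, seq=2000))        # "CLOSE_WAIT"


def zombie_after_peer_loses_state() -> tuple:
    """Peer b reboots and loses the key; its genuine RST is now indistinguishable from a forgery."""
    key = secrets.token_bytes(32)
    a, b = Endpoint(key, True, True), Endpoint(key, True, True)
    b.key = None
    before = a.receive(b.send_control(RST, seq=3000))      # "ESTABLISHED": a is now a zombie
    after = a.tick(ZOMBIE_TIMEOUT)                         # "CLOSED" only once the idle timer fires
    return before, after, a.dropped


if __name__ == "__main__":
    print(forged_rst_both_flags_protected(), forged_rst_only_fin_protected())
    print(legitimate_fin_between_keyed_peers(), zombie_after_peer_loses_state())
```

The last scenario is the cost Martin Thomson points at: with RST covered, the only signal that the other side has gone is silence, so any real deployment needs a timer (or some out-of-band re-keying path) to avoid accumulating half-dead connections, and that timer is itself a policy knob administrators would have to tune.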
