In the Honolulu meeting we had long discussion about whether to protect the TCP headers or not. There were several people who considered the main idea of tcpinc, to be to protect against passive attacks, and did not care that much about active attacks, i.e. didn't care for protection of the TCP headers. There were also few people in favor of protection of header bits, i.e. protect against active attacks.
Everybody wanted to protect data for integrity, i.e. MAC of data stream and protection against replay. As most people in he meeting did not seem to want to have protection against active attacks, it was decided that those people who do want protect TCP header, would send email to the list and explain why they want it and what features needs to be protected. I sent out the request for such comments at 2014-11-15: http://www.ietf.org/mail-archive/web/tcpinc/current/msg00393.html In my analysis of the email thread, there were two people who said they would like to have some TCP features to be protected: http://www.ietf.org/mail-archive/web/tcpinc/current/msg00396.html http://www.ietf.org/mail-archive/web/tcpinc/current/msg00403.html There were more than dozen people discussing this in the meeting, and while people expressed opinions supporting the two options, we believe that there is more support for going for not protecting the header. Moreover, we believe that at this stage it is more important to make a decision and move forward. Based on this the tcpinc chairs have decided that we will go with the option of NOT protecting the TCP headers. This means that in Dallas IETF we should work forward based on this decision. -- [email protected] _______________________________________________ Tcpinc mailing list [email protected] https://www.ietf.org/mailman/listinfo/tcpinc
