Tero, Although I can't disagree with your assessment of the direct discussion on protecting TCP headers, the conclusion below seems to ignore the discussion on "Forcing the restart of a TCPINC connection".
I wonder how people think their solution will magically protect against forced restarts if the TCP header isn't included. Joe On 3/11/2015 5:24 AM, Tero Kivinen wrote: > In the Honolulu meeting we had long discussion about whether to > protect the TCP headers or not. There were several people who > considered the main idea of tcpinc, to be to protect against > passive attacks, and did not care that much about active attacks, > i.e. didn't care for protection of the TCP headers. There were > also few people in favor of protection of header bits, i.e. > protect against active attacks. > > Everybody wanted to protect data for integrity, i.e. MAC of data > stream and protection against replay. As most people in he > meeting did not seem to want to have protection against active > attacks, it was decided that those people who do want protect TCP > header, would send email to the list and explain why they want it > and what features needs to be protected. > > I sent out the request for such comments at 2014-11-15: > > http://www.ietf.org/mail-archive/web/tcpinc/current/msg00393.html > > In my analysis of the email thread, there were two people who > said they would like to have some TCP features to be protected: > > http://www.ietf.org/mail-archive/web/tcpinc/current/msg00396.html > http://www.ietf.org/mail-archive/web/tcpinc/current/msg00403.html > > There were more than dozen people discussing this in the meeting, and > while people expressed opinions supporting the two options, we believe > that there is more support for going for not protecting the header. > Moreover, we believe that at this stage it is more important to make a > decision and move forward. > > Based on this the tcpinc chairs have decided that we will go with > the option of NOT protecting the TCP headers. > > This means that in Dallas IETF we should work forward based on > this decision. > _______________________________________________ Tcpinc mailing list [email protected] https://www.ietf.org/mailman/listinfo/tcpinc
