On Mon, Mar 16, 2015 at 09:50:35PM +0000, ianG wrote: > On 16/03/2015 15:43 pm, marcelo bagnulo braun wrote: > >We would like to ask the WG to express their support to adopt one (or > >none) of the following documents as WG document that will serve as a > >basis for the protocol specification. Of course, the draft, if adopted, > >will need to updated according to the WG input. In particular, they need > >to be updated to not protect the TCP header. > > > > > >The candidate drafts are: > > > >https://datatracker.ietf.org/doc/draft-bittau-tcpinc-tcpcrypt/ > > Tcpcrypt for me. It's up, working, got the experience.
Agreed. Needs adjusting, but I think it is a reasonable starting point. > >https://datatracker.ietf.org/doc/draft-rescorla-tcpinc-tls-option/ > > I just can't see grafting a heavyweight protocol into TCP as being a > sensible path. Maybe I'm wrong, but I just don't see it. Agreed. This thing might end up being implemented in supervisor mode, where complexity is really expensive and consequences of mistakes are really severe. What it would take to simplify TLS down to acceptable complexity (and fix the security flaws!) would yield protocol that looks pretty much nothing like TLS. And it is questionable if security analyses would still hold. Heck, there's an RFC about attacks against TLS. Less than half year since last update, but: - Contains an attack that is only fixed in TLS 1.3 draft (not even draft extension to fix it in TLS 1.2). - Contains an attack that has no standardized fix yet (and hits anondh practicularly bad). - Already missing at least 3 attacks, 2 of those apply to reasonably modern stuff (not "you should already have deimplemented this a LONG time ago!") and the other of those 2 is unfixed even in TLS 1.3 draft. -Ilari _______________________________________________ Tcpinc mailing list [email protected] https://www.ietf.org/mailman/listinfo/tcpinc
