There's a new TCP-ENO draft in the usual place:

        https://datatracker.ietf.org/doc/draft-ietf-tcpinc-tcpeno/

This draft addresses last call comments we received.  Other than some
typos, the main changes are to update the requirements language (section
1) to use RFC8174 and to add a new section 8.5.  Since 8.5 contains new
language, we'd appreciate other eyes on this paragraph (even just
comments saying "looks fine" would be helpful):

8.5.  Unpredictability of session IDs

   Section 5.1 specifies that all but the first (TEP identifier) byte of
   a session ID MUST be computationally indistinguishable from random
   bytes to a network eavesdropper.  This property is easy to ensure
   under standard assumptions about cryptographic hash functions.  Such
   unpredictability helps security in a broad range of cases.  For
   example, it makes it possible for applications to use a session ID
   from one connection to authenticate a session ID from another,
   thereby tying the two connections together.  It furthermore helps
   ensure that TEPs do not trivially subvert the 33-byte minimum length
   requirement for session IDs by padding shorter session IDs with
   zeros.

Thanks,
David

_______________________________________________
Tcpinc mailing list
Tcpinc@ietf.org
https://www.ietf.org/mailman/listinfo/tcpinc
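
The following is an added example, not part of the original message or of the draft: it contrasts a session ID whose trailing bytes come from a keyed hash with the zero-padded construction that section 8.5 rules out, and runs a cheap conformance check over both. The derivation, the label string, the TEP identifier value 0x42 and all function names are assumptions made for illustration; they are not the derivation of any real TEP.

```python
import hashlib
import hmac

MIN_SESSION_ID_LEN = 33  # minimum session ID length quoted in section 8.5
EXAMPLE_TEP_ID = 0x42    # constructed placeholder, not a registered TEP identifier


def derive_session_id(tep_id: int, session_secret: bytes, transcript: bytes) -> bytes:
    """Hypothetical derivation: TEP identifier byte followed by 32 bytes of
    HMAC-SHA256 output keyed with the session secret (an assumed construction)."""
    tail = hmac.new(session_secret, b"session id" + transcript, hashlib.sha256).digest()
    return bytes([tep_id]) + tail


def zero_padded_session_id(tep_id: int, short_value: bytes) -> bytes:
    """The subversion 8.5 describes: a shorter value padded with zeros to 33 bytes."""
    return (bytes([tep_id]) + short_value).ljust(MIN_SESSION_ID_LEN, b"\x00")


def check_session_id(session_id: bytes, tep_id: int) -> list:
    """Cheap checks an implementer can run on a TEP's output.
    Passing them does not prove the bytes are pseudorandom; failing one
    shows the session ID does not meet the stated requirements."""
    problems = []
    if len(session_id) < MIN_SESSION_ID_LEN:
        problems.append("shorter than 33 bytes")
    if not session_id or session_id[0] != tep_id:
        problems.append("first byte is not the TEP identifier")
    tail = session_id[1:]
    trailing_zeros = len(tail) - len(tail.rstrip(b"\x00"))
    # Eight trailing zero bytes occur by chance with probability 2^-64.
    if trailing_zeros >= 8:
        problems.append(f"{trailing_zeros} trailing zero bytes (padding?)")
    return problems


if __name__ == "__main__":
    good = derive_session_id(EXAMPLE_TEP_ID, b"k" * 32, b"constructed transcript")
    bad = zero_padded_session_id(EXAMPLE_TEP_ID, b"\x11" * 16)
    print(good.hex(), check_session_id(good, EXAMPLE_TEP_ID))
    print(bad.hex(), check_session_id(bad, EXAMPLE_TEP_ID))
```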