Re: TCP/BGP vulnerability - easier than you think

[Simon Leinen <simon () limmat switch ch>]

Priscilla,

> Questions arose while trying to explain proposed TCP fixes to my
> students. Can y'all help me with these?

> We were going over the "Transmission Control Protocol security
> considerations draft-ietf-tcpm-tcpsecure-00.txt" document here when
> the questions arose:

> http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt

Meta-response: look at the discussion over at the IETF, in the tcpm
Working Group.  There's a nice summary as well as some interesting
discussion on possible issues with these fixes.

Unfortunately, the tcpm mailing list archive seems to be accessible
via FTP as large monthly mailbox files only, so I cannot point you to
the relevant individual messages.  The threads are called "new work
item: TCP security issue" and "draft-ietf-tcpm-tcpsecure".  (There's
also a lot of process discussion in there, about the way this issue
was initially handled by a closed group and then presented as a work
item for the working group.  This is interesting but only marginally
helpful to understand the technical content of the changes.)

Oh no, wait, there's another mail archive for tcpm (not listed on the
"official" WG page (http://www.ietf.org/html.charters/tcpm-charter.html):

The threads start in
  https://www1.ietf.org/mail-archive/working-groups/tcpm/current/msg00086.html
  https://www1.ietf.org/mail-archive/working-groups/tcpm/current/msg00095.html

A nice summary of the changes by David Borman:
  https://www1.ietf.org/mail-archive/working-groups/tcpm/current/msg00130.html

Hope this helps,
-- 
Simon.