From: Barney Wolff
To: net@freebsd.org
Date: Sun, 26 Mar 2006 09:44:55 -0500
Subject: [braden@ISI.EDU: Re: [e2e] Can we revive T/TCP ?]
Message-ID: <20060326144455.GA2856@pit.databus.com>
List-Id: Networking and TCP/IP with FreeBSD

Perhaps of some relevance ... At least two of the negatives apply to
any conceivable t/tcp replacement.

----- Forwarded message from Bob Braden -----

Date: Fri, 24 Mar 2006 11:11:15 -0800
To: Michael Welzl
From: Bob Braden
In-Reply-To: <001301c60a4a$9831dc60$0200a8c0@fun>
Cc: end2end-interest@postel.org
Subject: Re: [e2e] Can we revive T/TCP ?

At 07:31 PM 12/26/2005 +0100, Michael Welzl wrote:
>Hi everybody,
>
>Here's something that I've had on my mind for quite a while now:
>I'm wondering why T/TCP ( RFC 1644 ) failed. I mean, nobody seems
>to use it. I believe someone explained this to me once (perhaps even
>on this list? but I couldn't find this in the archives...), saying that
>there were security concerns with it, but I don't remember any other
>details.

As the designer of T/TCP, I think I can answer this. There are three
reasons, I believe.

(1) There are very few situations in which single-packet exchanges are
    possible, so T/TCP is very seldom a significant performance
    improvement. But it does have significant complexity.

(2) Since the server is asked to do a perhaps significant computation
    before the 3WHS has completed, it is an open invitation to DoS
    attacks. (This would be OK if you could assume that all T/TCP
    clients were authenticated using IPsec.)

(3) I have heard rumors that someone has found an error in the specific
    state transitions of T/TCP, although I have never seen the details.

Bob Braden

----- End forwarded message -----

-- 
Barney Wolff http://www.databus.com/bwresume.pdf
I never met a computer I didn't like.