From owner-freebsd-arch  Fri Jun  8 19:56:27 2001
Delivered-To: freebsd-arch@freebsd.org
Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39])
	by hub.freebsd.org (Postfix) with ESMTP id EA0CC37B403
	for <freebsd-arch@FreeBSD.ORG>; Fri,  8 Jun 2001 19:56:23 -0700 (PDT)
	(envelope-from silby@silby.com)
Received: (qmail 94617 invoked by uid 1000); 9 Jun 2001 02:56:22 -0000
Received: from localhost (sendmail-bs@127.0.0.1)
  by localhost with SMTP; 9 Jun 2001 02:56:22 -0000
Date: Fri, 8 Jun 2001 21:56:22 -0500 (CDT)
From: Mike Silbersack <silby@silby.com>
To: Don Lewis <Don.Lewis@tsc.tdk.com>
Cc: <freebsd-net@FreeBSD.ORG>, <freebsd-arch@FreeBSD.ORG>
Subject: Re: New TCP sequence number generation algorithm; review needed
In-Reply-To: <200106090056.RAA16800@salsa.gv.tsc.tdk.com>
Message-ID: <20010608214621.V94603-100000@achilles.silby.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-arch.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-arch>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-arch>
X-Loop: FreeBSD.ORG


On Fri, 8 Jun 2001, Don Lewis wrote:

> Why not combine the two schemes and feed the random per-host data from
> the cloned route entry into the RFC1948 algorithm?  This doesn't solve
> Terry's objection, though.

That thought had occured to me, but I'm not sure it would actually add any
security.  I've been requested to pose the algorithm to people from
outside the FreeBSD project and what they think about its strength.  When
I hear back from them, I'll post more details.

Terry needs to clarify his objections.  #3 is the only one which is
definitely valid.

Mike "Silby" Silbersack


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message