On 7/19/2017 11:39 AM, [email protected] wrote: >> Doing tricks to demonstrate that an attacker (i.e., something that >> modifies TCP segments on path) can do otherwise should not be considered >> a viable alternative. > [Med] We are defining an application proxy that assist the user to maximize > the use of its available network resources. The proxy relies on IETF defined > BCPs (defined by behave and tsvwg) to relay TCP packets. Application proxies don't relay TCP segments. They don't even see TCP segments.
And they can't work unless the client opens a connection to the proxy; if the client opens a connection to the server, then intercepting and modifying the TCP segments in-flight is called an attack on TCP. Joe
_______________________________________________ Int-area mailing list [email protected] https://www.ietf.org/mailman/listinfo/int-area
