Wesley Eddy wrote:
>
> The draft Adam submitted to the TCPM working group was on only one part
> of Obfuscated TCP that allows data to be carried on the SYN-ACK packet.

I'm sure this was a lively discussion indeed! Can you summarize the major objections to such an approach? At worst I could see routers dropping these packets, but I can't imagine anything really bad would happen (else you could just crash routers by sending malformed packets -- something they're obviously designed to endure).

> In addition to the questions on design for carrying data on the SYN-ACK,
> there were serious security issues raised with the Obfuscated TCP design
> and its lack of crypto-agility.

Was it tied to a single encryption scheme? Why not just fall back on SSL? Indeed, I'm not sure why you'd need a payload in the SYN-ACK at all: I would think a simple bit saying:

SYN: Hi, let's set up a TCP connection. Also, I support SSL.
SYN-ACK: Cool, once we're set up, let's switch to SSL.
ACK: Roger that. Next packet will be SSL; I'm assuming the same of you.

After all, key exchange and all the other SSL junk will take a ton more packets than a simple 3-way-handshake. Perhaps I'll need to read up on that spec.

-david

_______________________________________________
p2p-hackers mailing list
http://lists.zooko.com/mailman/listinfo/p2p-hackers
