On 2014-7-28, at 15:28, Eric Rescorla <[email protected]> wrote: > > On Mon, Jul 28, 2014 at 6:08 AM, Derek Fawcus > <[email protected]> wrote: > > Yes. At least the RST flag. > > Unfortunately RST is precisely the situation that's most problematic, > because it's also how the other side behaves when it has lost state, > perhaps due to a reboot.
+1 Protecting the RST is therefore probably impossible. > So, it seems like we at least want RST > protection to be optional. I don't think it even works as an option, because if the other side has lost state, it needs to send an unprotected RST. > And if we're not protecting RST, it's > generally not worth protecting other headers, AFAICT. +1 Lars
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Tcpinc mailing list [email protected] https://www.ietf.org/mailman/listinfo/tcpinc
