I agree with the three points below, especially that it provides no enumeration on behavior.
I would say that figure 1 does indicate that there is significant deployment of nodes (within enterprise networks) that without being able to provide the specific behavior, its fair to guess that they will be a large chance for protocol manipulation. With the range of types of middle boxes and their deployment density, this figure tells me that the chances of a tcpinc session getting out of an enterprise network unmolested would be small, it would be good to have definitive data but in absence of that I believe this is a valid datapoint as a starting point. Kevin On 7/30/14 11:29 AM, "Daniel Kahn Gillmor" <[email protected]> wrote: >> >> [1] A Survey of Enterprise Middlebox Deployments >> Justine Sherry and Sylvia Ratnasamy >> EECS Department >> University of California, Berkeley >> http://www.eecs.berkeley.edu/Pubs/TechRpts/2012/EECS-2012-24.html > >This document describes size, maintenance, and lifecycle concerns around >middleboxes on enterprise networks. But it doesn't describe the >behavior of specific middleboxes, which is the relevant bit for this >discussion. > >middleboxes that are willing to let encrypted traffic pass unmolested, >and that don't strip TCP options, aren't a problem for tcpinc. > >We know that middleboxes exist; what we won't know without more >measurements is what sort of damage they will inflict on adopters of any >of the proposed forms of tcpinc. > > --dkg > _______________________________________________ Tcpinc mailing list [email protected] https://www.ietf.org/mailman/listinfo/tcpinc
