John-Mark Gurney wrote this message on Mon, Aug 18, 2014 at 15:42 -0700:
> I have reviewed the security considerations on the other proposals,
> and I must say that they need to be fleshed out... The TLS one is
> especially lacking in details... It says nothing about various attacks
> that it is vulnerable to... The others aren't much better...
Just for the proposals, I feel that a minimum of the following should
be included in the security considerations section:
1. What happens upon spoofed packets, including fake and replayed
packets
2. What happens upon deleted data
3. How are attackers able to force close your connection, if any.
I'm sure others have ideas of what should be included.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
_______________________________________________
Tcpinc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tcpinc
