(thanks for the minutes, to Paul and Tero) On 15/11/2014 04:02 am, Tero Kivinen wrote:
As we discussed in the meeting, everybody who cares about the integrity protection of the services provided by the TCP headers should send email to the list and explain why TCP header bit X should be integrity protected, and what kind of attacks are possible if we do not protect it.
I'm wondering why there is consideration of these active attacks. In my mind it is fairly clear that the proposal for tcpinc is for passive protection only.
We know it is trivial for an active attacker to knock out the tcpinc additional exchange and force a fallback to cleartext. Why do we care beyond that?
iang _______________________________________________ Tcpinc mailing list [email protected] https://www.ietf.org/mailman/listinfo/tcpinc
