ianG <[email protected]> writes: > I'm wondering why there is consideration of these active attacks. In my > mind it is fairly clear that the proposal for tcpinc is for passive > protection only.
One reason is that if we go through all the trouble of getting tcpinc out there and deployed, it would be a great shame if we had done 99% of the work to protect against active attackers and then left a bunch of security on the table. In part because of this, the tcpinc charter specifically calls for integrity protection and external authentication hooks. External authentication is kind of meaningless if you don't have data integrity. Moreover, most integrity attacks undermine confidentiality as well. (That's the reason cryptographers tell us to MAC ciphertexts rather than encrypt authenticated plaintexts). > We know it is trivial for an active attacker to knock out the tcpinc > additional exchange and force a fallback to cleartext. Why do we care > beyond that? Well, if our effort is successful, then one possible outcome is that most honest middleboxes allow tcpinc through, and which point applications can use the authentication hooks to ensure tcpinc. David _______________________________________________ Tcpinc mailing list [email protected] https://www.ietf.org/mailman/listinfo/tcpinc
