On Tue, Aug 02, 2011 at 05:40:18PM +0200, SCHARF, Michael wrote:
> For whatever it is worth, the question of TCP extension vs. shim layer
> seems to be somehow related to some discussions in the MPTCP WG last
> year. In a different context, an expired ID
> (http://tools.ietf.org/html/draft-scharf-mptcp-mctcp-01) discusses some
> pros and cons of transport layer vs. shim layer+discovery by SYN
> options. Not all of them are about implementation, and IMHO both
> alternatives have disadvantages. Section 5.4 of RFC 6182 also includes
> some thoughts.
Mark Handley is in fact one of the authors of tcpcrypt and RFC 6182, so we're working closely with him to figure out what the implications of TCP options are in practice. Section 5.4 of RFC 6182 concludes that TCP options are the right way to go, and hopefully that applies to tcpcrypt too (we're working on it with Mark). All tcpcrypt authors agree that TCP is the right place for encryption from a design perspective, though the one practical downside is middleboxes. We're hoping we can "handle" most cases by downgrading to TCP by checking if the options make it through on the SYN / SYN-ACK. A pretty bad case is when the SYN is dropped.

For us to better present an argument (or perhaps even change our design!) we're trying to figure out what the arguments are for an application layer approach as opposed to a transport one. Implementation has already come up. From a design perspective, however, apart from middleboxes (or even more specifically, SYNs getting dropped) we'd be glad to hear more opinions on why the application layer might be more attractive.
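The fallback the reply describes (keep the option if it survives the SYN / SYN-ACK, otherwise downgrade to plain TCP, with a dropped SYN as the costly case) as an added simulation; this is not code from the thread or from the tcpcrypt project, and the option, the three middlebox behaviours and the retry count are constructed assumptions, not tcpcrypt's wire format.

```python
"""Model of option negotiation with a middlebox in the path (constructed)."""
from dataclasses import dataclass
from enum import Enum


class Middlebox(Enum):
    PASS = "pass"    # unknown option survives in both directions
    STRIP = "strip"  # unknown option removed from SYN and SYN-ACK
    DROP = "drop"    # a SYN carrying the unknown option is silently discarded


@dataclass
class Segment:
    flags: str
    crypt_option: bool  # placeholder for a tcpcrypt-style SYN option


def middlebox_forward(kind: Middlebox, seg: Segment):
    """Return the segment as the far end sees it, or None if discarded."""
    if kind is Middlebox.DROP and seg.crypt_option:
        return None
    if kind is Middlebox.STRIP:
        return Segment(seg.flags, False)
    return seg


def server_reply(syn: Segment) -> Segment:
    # A capable server echoes the option only if it arrived in the SYN.
    return Segment("SYN-ACK", syn.crypt_option)


def connect(kind: Middlebox, max_syn_retries: int = 2):
    """Client handshake: try with the option, downgrade to plain TCP if needed.

    Returns (mode, syn_attempts). The DROP case is the bad one from the mail:
    each lost SYN costs a retransmission timeout before the client gives up
    on the option and sends a plain SYN.
    """
    attempts = 0
    for _ in range(max_syn_retries):
        attempts += 1
        syn = middlebox_forward(kind, Segment("SYN", True))
        if syn is None:
            continue  # SYN lost; wait for the retransmission timer
        synack = middlebox_forward(kind, server_reply(syn))
        return ("tcpcrypt" if synack.crypt_option else "tcp"), attempts
    # The option never got through: retry without it, plain TCP.
    attempts += 1
    syn = middlebox_forward(kind, Segment("SYN", False))
    middlebox_forward(kind, server_reply(syn))
    return "tcp", attempts
```

With `Middlebox.STRIP` the downgrade is free (one SYN), whereas `Middlebox.DROP` burns `max_syn_retries` timeouts before the plain-TCP attempt, which is the latency penalty the mail is worried about.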
