Re: threats ID
On 20-jan-04, at 12:25, marcelo bagnulo wrote:
In any case this does not prevent combining the two drafts, which will
be much easier for readers, e.g.:
Part 1: threats that only affect network layer solutions
Part 2: threats that affect both network and transport layer solutions
Part 3: threats that only affect transport layer solutions
Yes, or other option is to make an analysis for IP layer solutions and
another for transport layer, but in any case IMHO we should clearly
understand the differences between the two cases.
I think it's an important observation that working per identifier pair
or working per session have some very different security aspects.
Which of course begs the question: which is the better approach? I'm
not much in favor of having to do a time consuming negotiation for each
TCP or UDP "session", as many sessions have a lifetime of only a few
packets. (On the other hand this could finally make HTTP implementers
clean up their act and not start upwards of 10 TCP sessions per
second...) On the other hand, "fool me once, redirect my traffic
forever" isn't all that appealing either.
I think there is some middle ground here, where sessions can be grouped
in such a way that an optimal tradeoff between increased risk and decreased
performance is found. However, this probably means the MH layer needs
to know more than a few intimate details of what the transport
protocols are up to.
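To make the tradeoff in the last paragraph concrete, here is a toy model added by the editor; it is not part of the thread and not code from the multi6 work or any multihoming (MH) layer implementation. It assumes a hypothetical 4-message verification exchange per negotiation, a constructed trace of 30 short HTTP-style sessions at 10 per second plus one long transfer, and a time-window grouping as one possible "middle ground" (an assumption, not a proposal from the thread). For each policy it reports how many negotiations the MH layer runs, how many sessions a single wrongly accepted redirect would capture, and the message overhead relative to data packets.

```python
# Toy model of the per-identifier-pair vs per-session tradeoff discussed in
# the thread. Constructed example; not code from the multi6 work or any
# MH-layer implementation. The negotiation cost and the session trace are
# assumptions chosen to mirror "10 TCP sessions per second".
from dataclasses import dataclass
from typing import Dict, List

NEGOTIATION_MSGS = 4  # hypothetical cost of one MH-layer verification exchange


@dataclass(frozen=True)
class Session:
    start_ms: int   # start time in milliseconds since the trace began
    packets: int    # packets the session carries over its lifetime


@dataclass(frozen=True)
class Outcome:
    negotiations: int   # verification exchanges the MH layer runs
    max_exposed: int    # sessions one wrongly accepted redirect captures
    overhead: float     # negotiation messages divided by data packets


def constructed_trace() -> List[Session]:
    """30 short HTTP-style sessions at 10 per second plus one long transfer."""
    short = [Session(start_ms=i * 100, packets=8) for i in range(30)]
    long_one = [Session(start_ms=500, packets=5000)]
    return short + long_one


def _outcome(negotiations: int, max_exposed: int, trace: List[Session]) -> Outcome:
    data = sum(s.packets for s in trace)
    return Outcome(negotiations, max_exposed, negotiations * NEGOTIATION_MSGS / data)


def per_identifier_pair(trace: List[Session]) -> Outcome:
    """One negotiation binds every session between the two identifiers:
    cheapest, but 'fool me once, redirect my traffic forever'."""
    return _outcome(1, len(trace), trace)


def per_session(trace: List[Session]) -> Outcome:
    """Every transport session is verified on its own: a bad redirect
    captures one session, but each few-packet session pays the full price."""
    return _outcome(len(trace), 1, trace)


def grouped_by_window(trace: List[Session], window_ms: int) -> Outcome:
    """Middle ground (an assumption; one of many possible groupings): sessions
    started inside the same time window share one negotiation, so exposure is
    bounded by the busiest window rather than by the whole identifier pair."""
    counts: Dict[int, int] = {}
    for s in trace:
        key = s.start_ms // window_ms
        counts[key] = counts.get(key, 0) + 1
    return _outcome(len(counts), max(counts.values()), trace)


if __name__ == "__main__":
    trace = constructed_trace()
    for name, out in [("per identifier pair", per_identifier_pair(trace)),
                      ("per session", per_session(trace)),
                      ("grouped, 1 s window", grouped_by_window(trace, 1000))]:
        print(f"{name:22s} negotiations={out.negotiations:3d} "
              f"max exposed={out.max_exposed:3d} overhead={out.overhead:.4f}")
```

On the constructed trace the per-pair policy runs one negotiation but exposes all 31 sessions, the per-session policy exposes at most one session but spends 124 negotiation messages on 5240 data packets, and the 1-second grouping lands in between (3 negotiations, at most 11 sessions exposed). The grouping function is the place where the MH layer would need the transport-level knowledge the last paragraph mentions: which sessions belong together is exactly what it cannot decide from the network layer alone.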