| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 26 Jun 2009 01:28:49 -0300 From: Fernando Gont <fernando.gont@...il.com> To: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: Security Assessment of TCP at the IETF -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hello, folks, In February this year the UK CPNI published the document "Security Assessment of the Transmission Control Protocol (TCP)" (available at: http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf) Earlier this year we published an IETF Internet-Draft version of this document (available at: http://www.gont.com.ar/drafts/tcp-security/draft-gont-tcp-security-00.txt) in the hope of having the IETF further work on the TCP security paper UK CPNI had published. My personal take (possibly biased, since I am the document author) is that this document has been the result of a lot of work (including the work of the many peple that reviewed the CPNI version of the document), and that the IETF should take this chance to work and publish something on the subject. The chairs of the TCPM Working Group of the IETF are currently polling the WG for input about this document. It would be great if you could voice your opinion about whether the TCPM should take this document on, and also whether you would be willing to review this document. (Bellow you'll find a copy of the TCPM chairs' poll) Please send your comments to tcpm@...f.org (and please CC me). Thanks! Kind regards, Fernando - -------- Original Message -------- Subject: [tcpm] poll for adopting draft-gont-tcp-security Date: Wed, 24 Jun 2009 14:25:04 -0500 From: Eddy, Wesley M. (GRC-MS00)[Verizon] <wesley.m.eddy@...a.gov> To: tcpm Extensions WG <tcpm@...f.org> TCPMers, there was a thread a while ago about working on draft-gont-tcp-security in this working group that didn't conclusively give us a feeling one way or other: http://www.ietf.org/mail-archive/web/tcpm/current/msg04489.html Basically, my understanding is that there are at least a handful of people in the WG that think it should be done here as a WG item (more likely for Informational rather than BCP), and there are also some expressed opinions on why it shouldn't. Given the raw size of the document, if the WG intends to take this document on, then we need some people to clearly commit to putting cycles into review and contributions to the document. Since it is quite large, and to my knowledge, there hasn't been a specific technical review of the content on this list, but just discussions about if the idea in general is a good or bad thing, we still need to know if people are willing to invest their time and energy in this. Please let us know if there is traction for this in the near term, and/or we can also discuss it in Stockholm. - --------------------------- Wes Eddy Network & Systems Architect Verizon FNS / NASA GRC Office: (216) 433-6682 - --------------------------- _______________________________________________ tcpm mailing list tcpm@...f.org https://www.ietf.org/mailman/listinfo/tcpm -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) iQEcBAEBCAAGBQJKRE58AAoJEJbuqe/Qdv/xCPoH/AhdvNcTejJqoOE1J/gDc2Yc Iw+GIUgW73sWBuh0ib5oQxv85tvEjQzLOpQtNPdX6ljm96A7ufl3uzB6DBzj3JoF O3mqRWf/yFgWxNA7Kmv/FFPf271CUHpnxbnoYBGSeHKb78lS3WnLJukW8F2l+FPl 2QZJp0wn6/g2TJFgWoIHtrbHovHboZQtopzfyJWirzVeL+3dGinden3IH6HKDth/ t+0kyxlN07sBQDqebNvif6nxf4xU7kPdUap4i00EKhH5WTr49XDD46E1sP9d695i MhW1lhZ1jeVkjz/MycuotSKXN/JIiFM6NV5i3vm5vnOkgAjMou7iEULdG/0Xqn8= =/HE4 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists