lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <6aab053a0906261201hb177a25n3befabf50c2123a2@mail.gmail.com>
Date: Fri, 26 Jun 2009 18:01:37 -0100
From: Fernando Gont <fernando.gont@...il.com>
To: Hal Wigoda <hwigoda@...dspring.com>
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Re: Security Assessment of TCP at the IETF

Please check again. They links do work.


On Fri, Jun 26, 2009 at 3:41 PM, Hal Wigoda<hwigoda@...dspring.com> wrote:
> sorry, but the links do not work.
>
>
> On Jun 25, 2009, at 11:28 PM, Fernando Gont wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA256
>>
>> Hello, folks,
>>
>> In February this year the UK CPNI published the document "Security
>> Assessment of the Transmission Control Protocol (TCP)" (available at:
>> http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf)
>>
>> Earlier this year we published an IETF Internet-Draft version of this
>> document (available at:
>> http://www.gont.com.ar/drafts/tcp-security/draft-gont-tcp-security-00.txt)
>> in the hope of having the IETF further work on the TCP security paper UK
>> CPNI had published.
>>
>> My personal take (possibly biased, since I am the document author)
>> is that this document has been the result of a lot of work (including
>> the work of the many peple that reviewed the CPNI version of the
>> document), and that the IETF should take this chance to work and publish
>> something on the subject.
>>
>> The chairs of the TCPM Working Group of the IETF are currently polling
>> the WG for input about this document. It would be great if you could
>> voice your opinion about whether the TCPM should take this document on,
>> and also whether you would be willing to review this document. (Bellow
>> you'll find a copy of the TCPM chairs' poll)
>>
>> Please send your comments to tcpm@...f.org (and please CC me).
>>
>> Thanks!
>>
>> Kind regards,
>> Fernando
>>
>>
>>
>>
>> - -------- Original Message --------
>> Subject: [tcpm] poll for adopting draft-gont-tcp-security
>> Date: Wed, 24 Jun 2009 14:25:04 -0500
>> From: Eddy, Wesley M. (GRC-MS00)[Verizon] <wesley.m.eddy@...a.gov>
>> To: tcpm Extensions WG <tcpm@...f.org>
>>
>> TCPMers, there was a thread a while ago about working on
>> draft-gont-tcp-security in this working group that didn't
>> conclusively give us a feeling one way or other:
>> http://www.ietf.org/mail-archive/web/tcpm/current/msg04489.html
>>
>> Basically, my understanding is that there are at least a
>> handful of people in the WG that think it should be done
>> here as a WG item (more likely for Informational rather
>> than BCP), and there are also some expressed opinions on
>> why it shouldn't.
>>
>> Given the raw size of the document, if the WG intends to
>> take this document on, then we need some people to clearly
>> commit to putting cycles into review and contributions to
>> the document.  Since it is quite large, and to my knowledge,
>> there hasn't been a specific technical review of the content
>> on this list, but just discussions about if the idea in
>> general is a good or bad thing, we still need to know if
>> people are willing to invest their time and energy in this.
>>
>> Please let us know if there is traction for this in the
>> near term, and/or we can also discuss it in Stockholm.
>>
>> - ---------------------------
>> Wes Eddy
>> Network & Systems Architect
>> Verizon FNS / NASA GRC
>> Office: (216) 433-6682
>> - ---------------------------
>>
>> _______________________________________________
>> tcpm mailing list
>> tcpm@...f.org
>> https://www.ietf.org/mailman/listinfo/tcpm
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.9 (MingW32)
>>
>> iQEcBAEBCAAGBQJKRE58AAoJEJbuqe/Qdv/xCPoH/AhdvNcTejJqoOE1J/gDc2Yc
>> Iw+GIUgW73sWBuh0ib5oQxv85tvEjQzLOpQtNPdX6ljm96A7ufl3uzB6DBzj3JoF
>> O3mqRWf/yFgWxNA7Kmv/FFPf271CUHpnxbnoYBGSeHKb78lS3WnLJukW8F2l+FPl
>> 2QZJp0wn6/g2TJFgWoIHtrbHovHboZQtopzfyJWirzVeL+3dGinden3IH6HKDth/
>> t+0kyxlN07sBQDqebNvif6nxf4xU7kPdUap4i00EKhH5WTr49XDD46E1sP9d695i
>> MhW1lhZ1jeVkjz/MycuotSKXN/JIiFM6NV5i3vm5vnOkgAjMou7iEULdG/0Xqn8=
>> =/HE4
>> -----END PGP SIGNATURE-----
>
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ