From: Steve Bellovin
To: Aaron Falk
Subject: dccp
Date: Wed, 16 Jul 2003 16:53:52 +0200

Here are my notes to myself. To quote the classic Unix comment, "you are not expected to understand this".

I pointed out a few more security issues with service names to Mark. It occurs to me that there's another path to explore, either along with or instead of service names as a midbox controller. Define midbox control options instead of requiring the midbox to parse the application protocol. I.e., one such option might be "open the following tcp/udp/dccp ports from the following hosts". It makes it clearer -- to the OS and to the midbox -- what privileges are being granted, and hence makes it easier to pass them through an authorization filter.

-----

Header compression with SCTP?
Partial checksum not useful with ESP-nullcrypt
See new security considerations for udp-lite
sequence number guessing? examine implicit high-order bytes for sequence number?
no rfc1948
API to support additional oob sequence for md5s?
use hmac for challenge/response?
service name somewhat dubious
service name vs. ipsec
service name to spoof midbox?
+0.1 on mobility sounds like role-playing game
mobility very useful for multi-homed, as in sctp
having some security at transport or network may prevent easy DoS attack
oob signaling much harder for midboxes
Use receiver-assigned connection ID to speed state table lookup?

--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com (2nd edition of "Firewalls" book)
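The authorization-filter idea in the message above, illustrated as an added example that is not Bellovin's code and not part of any DCCP draft: a midbox receives an explicit "open these ports from these hosts" request and checks it against a policy table, without ever parsing the application protocol. The textual request form ("<proto> <lo>[-<hi>] from <net>[,<net>...]"), the `PolicyRule` fields, and the sample policy are all assumptions made for the illustration; the addresses are RFC 5737 documentation ranges.

```python
"""
Added illustration of a midbox control option passed through an
authorization filter. The option syntax and policy shape are assumptions
for this example, not a real DCCP option encoding.
"""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class OpenPortsRequest:
    """What the endpoint asks the midbox to grant, stated explicitly."""
    proto: str            # "tcp", "udp" or "dccp"
    port_lo: int
    port_hi: int
    sources: tuple        # ipaddress networks allowed to reach those ports


@dataclass(frozen=True)
class PolicyRule:
    """One line of midbox policy: which grants are acceptable at all."""
    proto: str
    port_lo: int
    port_hi: int
    allowed_from: ipaddress._BaseNetwork   # requested sources must sit inside this
    max_hosts: int                         # cap on addresses a single grant may cover


def parse_request(text: str) -> OpenPortsRequest:
    """Parse the assumed textual form '<proto> <lo>[-<hi>] from <net>[,<net>...]'.

    Raises ValueError on anything malformed; a midbox must not guess.
    """
    head, sep, tail = text.strip().partition(" from ")
    if not sep or not tail.strip():
        raise ValueError("missing 'from' clause")
    parts = head.split()
    if len(parts) != 2:
        raise ValueError("expected '<proto> <ports>' before 'from'")
    proto, ports = parts[0].lower(), parts[1]
    if proto not in ("tcp", "udp", "dccp"):
        raise ValueError("unknown transport %r" % proto)
    lo_s, _, hi_s = ports.partition("-")
    lo = int(lo_s)
    hi = int(hi_s) if hi_s else lo
    if not (0 < lo <= hi <= 65535):
        raise ValueError("bad port range %s" % ports)
    # strict=True rejects host bits set in a prefix, e.g. 192.0.2.5/24
    sources = tuple(ipaddress.ip_network(s.strip(), strict=True)
                    for s in tail.split(","))
    return OpenPortsRequest(proto, lo, hi, sources)


def authorize(req: OpenPortsRequest, policy) -> tuple:
    """Allow only if every requested source is fully covered by some rule.

    Coverage means: same transport, requested port range inside the rule's
    range, requested network inside the rule's network, and the number of
    addresses granted not above the rule's cap (blocks 0.0.0.0/0 style grants).
    """
    for src in req.sources:
        covered = False
        for rule in policy:
            if rule.proto != req.proto:
                continue
            if not (rule.port_lo <= req.port_lo and req.port_hi <= rule.port_hi):
                continue
            if src.version != rule.allowed_from.version:
                continue
            if not src.subnet_of(rule.allowed_from):
                continue
            if src.num_addresses > rule.max_hosts:
                continue
            covered = True
            break
        if not covered:
            return False, "no rule covers %s %d-%d from %s" % (
                req.proto, req.port_lo, req.port_hi, src)
    return True, "ok"


# Sample policy (constructed for this example): high TCP ports from one
# documentation /24, and a small DCCP range from another, in small chunks only.
POLICY = (
    PolicyRule("tcp", 1024, 65535, ipaddress.ip_network("192.0.2.0/24"), 256),
    PolicyRule("dccp", 5000, 5100, ipaddress.ip_network("198.51.100.0/24"), 16),
)


def check(text: str, policy=POLICY) -> bool:
    """Convenience wrapper: malformed requests are denied, never guessed."""
    try:
        req = parse_request(text)
    except ValueError:
        return False
    return authorize(req, policy)[0]


if __name__ == "__main__":
    for line in ("tcp 6000-6010 from 192.0.2.0/26",
                 "tcp 22 from 192.0.2.5/32",
                 "dccp 5050 from 198.51.100.0/25",
                 "udp 53 from 0.0.0.0/0"):
        print("%-40s %s" % (line, "ALLOW" if check(line) else "DENY"))
```

The point the message makes is visible in `authorize`: because the option says exactly which transport, ports and source hosts are being granted, the filter is a handful of comparisons against policy, and a request for a whole address space or a privileged port fails on its own terms rather than on a guess about what the application protocol meant.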