Session Date/Time: 18 Mar 2024 05:30
tcpm
Summary
The TCPM working group meeting covered several topics including updates on existing drafts and discussions on new proposals. Key discussions revolved around the PRR (RFC 6937bis) draft, the TCP Read Request TAR option, and a novel service authentication mechanism for TCP-based applications. A significant portion of the meeting was dedicated to a new research finding termed "Ghost Acts" and its implications for TCP security.
Key Discussion Points
- RFC 6937bis (PRR):
  - Discussion on concluding the last calls for the draft.
  - Clarification on implementation status across different TCP stacks (Linux, FreeBSD, Windows).
  - Debate on initialization of recover flight size and its relation to congestion window versus flight size.
- TCP Read Request TAR Option:
  - Update on draft version 4 addressing previous IETF comments.
  - Clarification on TAR overriding delayed ACKs and interactions with other TCP specifications.
  - Discussion on implementation status and potential engagement with implementers.
  - Concerns raised about the safety of the option in the presence of ACK thinning devices and the need for data demonstrating its performance.
- Service Authentication for TCP-Based Applications:
  - Presentation of a new TCP option for service affinity.
  - Concerns raised about the appropriate layer for implementing this functionality, with suggestions to explore TLS or tunneling.
  - Security concerns regarding potential hijacking and DDoS attacks.
- Ghost Acts:
  - Presentation on the "Ghost Acts" phenomenon: acknowledgement of unsent data.
  - Discussion of the implications for TCP spoofing and injection attacks.
  - Confirmation that major operating systems are affected.
  - Linux mitigation and potential standardization efforts.
Decisions and Action Items
- RFC 6937bis (PRR): Chairs agreed to move the draft forward for publication, pending no further objections.
- TCP Read Request TAR Option: Authors to consider feedback on potential safety concerns and the need for supporting data. Discussions with Matt Mathis ongoing.
- Ghost Acts: The chairs suggested the researchers develop a short draft to document the problem and discuss potential solutions.
Next Steps
- RFC 6937bis (PRR): Proceed to IETF last call.
- TCP Read Request TAR Option: Authors to address safety concerns and potentially engage with implementers.
- Service Authentication for TCP-Based Applications: Continued discussion on the mailing list.
- Ghost Acts: Researchers to consider writing a short draft.
- General: Submit agenda requests for the next IETF meeting two weeks before the event.