[[ Here I am arguing for the inclusion of TCP spoofing... I am
losing it. Someone slap me! ]]
> It sounds like its almost coming down to a matter of semantics. I
> would propose that if a 'grey' mechanism results in a modified,
> but clearly identified, TCP stream, it may be included. If the
> result is clearly NOT TCP (and I would include UDP here) then it
> shouldn't be included. Some spoofing terminates TCP at gateways
> and uses a more link-sensitive protocol between them. This is
> clearly not TCP and shouldn't be included - in my opinion.
It does not necessarily have to be UDP or some other protocol. It
could be TCP (or some varient of TCP).
For instance, a gateway on the internet can absorb traffic fasters
than a host on the far side of a satellite link (even if the sender
is using a small window). So, it breaks the TCP connection. It can
then use a TCP connection with an appropriate window size over the
satellite channel. So, it is not necessarily using a different
protocol, just a version of the protocol that is more suited to the
environment.
So, I think the result *may* be easily identified as TCP (although,
I agree that it can also be half TCP and half something else).
Of course, spoofing does break the end-to-end semantics of TCP which
would argue that it is no longer a TCP mechanism. But, it does seem
to impact the TCP connection in a very real way. So, I am still
leaning towards including spoofing. Furthermore, I would like to
hear from more folks (privately or on the list) about their opinions
on the matter.
allman
This archive was generated by hypermail 2b29 : Mon Feb 14 2000 - 16:14:37 EST