[p2p-hackers] IETF rejects Obfuscated TCP

Alex Pankratov ap at poneyhot.org
Wed Aug 20 14:59:48 EDT 2008



> -----Original Message-----
> From: owner-cryptography at metzdowd.com [mailto:owner-
> cryptography at metzdowd.com] On Behalf Of Eric Rescorla
> Sent: August 20, 2008 10:31 AM
> To: Alex Pankratov
> Cc: 'theory and practice of decentralized computer networks';
> cryptography at metzdowd.com
> Subject: Re: [p2p-hackers] IETF rejects Obfuscated TCP

[snip]

> May I ask what you're trying to accomplish? Recall that TLS doesn't
> start until a TCP connection has been established, so there's
> already a proof of the round trip.
> 
> That said, a mechanism of this type has already been described
> for DTLS (RFC 4347), so no new invention would be needed.

My comment was in the context of a thread discussing Obfuscated TCP.

One of the suggestions was to piggyback the SSL handshake on the TCP
handshake, to which someone pointed out an issue with SYN-flood-like
DoS attacks. My response was to the latter comment.

Alex


