[p2p-hackers] IETF rejects Obfuscated TCP
matthew at matthew.at
Thu Aug 21 13:43:51 EDT 2008

Alex Pankratov wrote:
> This pretty bold statement is largely incorrect based on my own
> experience. I'm not exactly sure who you are referring to as
> "p2p people", but the excessive round-trips are hardly viewed
> as "frustrating" by any of the networking devs I know.

For certain types of applications, extra round trips at start are a
really big deal. As an example, setting up a VoIP call to someone 1/3rd
of the way around the globe. Every round trip wasted (on things like
setting up a connection before even starting to exchange security
information) before you can confirm that the far end is alerting is a
very noticeable delay between click (or last digit dialed) and ringback.
Because there are preexisting expectations about how long it takes to
set up a phone call, this is even more user-annoying than extra delay
between clicking "search" and getting the search results displayed.

At amicima, we were networking developers who were *very* aware of
wasted round trips... we designed a secure transport protocol that takes
2 round trips to do a secured and authenticated session setup, including
protection against SYN-flood type attacks, and designed in features like
the ability to use data exchanged during that setup as nonce material
that can be signed by higher authentication layers, rather than having
to waste another half-round-trip sending the data you want signed by the
other end. Similarly, we designed a NAT-traversal scheme that runs in
parallel with session establishment rather than wasting many round trips
on address-gathering before it starts.

So there are such "p2p people" who care a whole lot about these
excessive round trips, find them "frustrating", think that users will
appreciate efforts taken to reduce them, and have done something about that.

ps. For those who don't know the history, the next generation of the
above-mentioned protocol is now known as RTMFP and is already shipping
in the beta version of Flash Player 10.