[e2e] Re: [Tsvwg] Really End-to-end or CRC vs everything
David P. Reed
dpreed at reed.com
Fri May 25 13:51:51 PDT 2001
At 09:31 PM 5/24/01 -0700, you wrote:
>As best I follow it, doing checksums "down in some nic" is exactly
>what the iscsi group (and less so sctp) are proposing.
IMO, that would be *very* bad. Craig Partridge told me that in studying
sources of checksum errors observed on the Internet, a frequent source was
in the data transfer between the host memory and the NIC card, where
synchronization problems caused data to be lost with non-trivial probability.
>But *why* is crc32 thought to be better than a 32-bit mod-2^32
>checksum or a fletcher checksum with two 16-bit halves?
>A citation would be wonderful.
Why seems to be because the types of errors that won't be detected are
fewer. But this depends on an "error model", and I'm not convinced that
any error model really applies to an Internet case, where the channel
characteristics are not known, and may change as new router and switch
designs are added (those being the likely source of most errors).
>[... md5 as an error-check function to defeat would-be middleboxers...]
>If you put that in the transport layer, won't that make communication
>without a shared-secret impossible? At least without using some other
>transport protocol, to bootstrap a D-H or SPEKE or other initial key exchange.
An "open secret" could be used when you don't have a shared secret (that
is, you could use something like a key transmitted in the connection open
packet, which would still protect you from middleboxers in many cases,
since they don't necessarily maintain per-connection state). But the
details can be worked out on a per-application basis. This was not
intended to be a fully baked design, but instead just an aspiration level
derived from thinking about a larger set of end-to-end data integrity issues.
WWW Page: http://www.reed.com/dpr.html
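
Added example, not part of the original message: the error-model point above, shown by running the three checks named in the quoted question (a 32-bit mod-2^32 sum, a Fletcher checksum with two 16-bit halves, and CRC-32) over constructed corruptions of a constructed four-word payload. The function names, the payload and the corruption cases are assumptions made for this illustration; which check misses which case depends on the kind of error, not only on the check.

```python
import struct
import zlib

def sum32(data: bytes) -> int:
    """Sum of big-endian 32-bit words, mod 2^32."""
    return sum(w for (w,) in struct.iter_unpack(">I", data)) & 0xFFFFFFFF

def fletcher32(data: bytes) -> int:
    """Fletcher checksum: two running 16-bit sums, each mod 65535."""
    s1 = s2 = 0
    for (w,) in struct.iter_unpack(">H", data):
        s1 = (s1 + w) % 65535
        s2 = (s2 + s1) % 65535  # position-weighted, so order matters
    return (s2 << 16) | s1

CHECKS = {"sum32": sum32, "fletcher32": fletcher32, "crc32": zlib.crc32}

def pack(words):
    return struct.pack(f">{len(words)}I", *words)

# Constructed payload: four 32-bit words.
ORIGINAL = [0x00010002, 0x00030004, 0x00050006, 0x00000008]

# Constructed corruptions, one per assumed error model.
CORRUPTIONS = {
    # two words delivered in each other's place
    "reordered words": [0x00050006, 0x00030004, 0x00010002, 0x00000008],
    # one word off by +1, another off by -1
    "offsetting +1/-1": [0x00010002, 0x00030005, 0x00050006, 0x00000007],
    # an all-zero 16-bit half replaced by all ones
    "0x0000 -> 0xFFFF": [0x00010002, 0x00030004, 0x00050006, 0xFFFF0008],
}

def missed_by(original, corrupted):
    """Names of the checks that give the same value for both payloads."""
    a, b = pack(original), pack(corrupted)
    return {name for name, fn in CHECKS.items() if fn(a) == fn(b)}

def survey():
    """Map each corruption label to the set of checks that miss it."""
    return {label: missed_by(ORIGINAL, bad) for label, bad in CORRUPTIONS.items()}

if __name__ == "__main__":
    for label, missed in survey().items():
        print(f"{label:18} undetected by: {sorted(missed) or 'none'}")
```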