[e2e] Can we revive T/TCP ?
michael.welzl at uibk.ac.at
Mon Dec 26 10:31:32 PST 2005
Here's something that I've had on my mind for quite a while now:
I'm wondering why T/TCP (RFC 1644) failed. I mean, nobody seems
to use it. I believe someone explained this to me once (perhaps even
on this list? but I couldn't find this in the archives...), saying that
there were security concerns with it, but I don't remember any other details.
So - is that all? If so, I'm wondering what kind of security concerns
there could be. I can imagine more danger from DDoS floods (the
first packet already causes the web site request to be processed!),
and I can imagine that some other concerns would relate to
authentication - but what about IPSec, then?
I don't understand why a web browser of someone doing telebanking
with IPSec (not in tunnel mode) needs to set up a new connection
whenever a link is clicked. There is a similar problem in the Grid:
connections are set up and torn down whenever Grid Services are
called even though every participant in the Grid is authenticated.
In general, this delay is relatively small in comparison to other overhead
(SOAP message processing, etc.), but it's there, and it seems avoidable
to me. Also, it could become significant if a Grid node is far away, or
the network is congested (a SYN could be dropped).
What is it I'm missing?