Re: RFC2385 (MD5 signature in TCP packets) support

David S. Miller (davem@redhat.com)
Fri, 15 Mar 2002 15:14:46 -0800 (PST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: David S. Miller: "Re: RFC2385 (MD5 signature in TCP packets) support"
Previous message: Balbir Singh: "readv() return and errno"

From: David Schwartz <davids@webmaster.com>
Date: Fri, 15 Mar 2002 15:11:39 -0800

On Fri, 15 Mar 2002 14:53:06 -0800 (PST), David S. Miller wrote:
>There is no reason to not be doing this MD5 garbage in
>userspace. Whoever thought to do this in the protocol
>itself was smoking something.

This same argument would apply to TCP itself, wouldn't it?

Not at all.

>Maybe I'm missing something, but I see no reason this MD5
>stuff belongs in the protocol and not in the APP.

How can a TCP-using application authenticate a RST?

Ignoring valid RST frames is illegal. If this RFC says to drop valid
RST frames just because the MD5 is bad, this RFC breaks TCP.

Franks a lot,
David S. Miller
davem@redhat.com
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: David S. Miller: "Re: RFC2385 (MD5 signature in TCP packets) support"
Previous message: Balbir Singh: "readv() return and errno"