In your previous mail you wrote:

> it seems T/TCP is dead because of some security issues.

Correct (RFC 4614, section 5) but, unfortunately, these issues were apparently never properly documented (no "T/TCP deprecated" RFC) and it is hard to find a reference to a description of these security problems.

=> draft-agl-tcpm-sadata-01.txt section 9:

9. Comparison to T/TCP

The idea of including data in frames which also carry a SYN flag isn't new: it was included in the experimental T/TCP RFCs 1379 [RFC1379] and 1644 [RFC1644]. T/TCP suffered because it broke the assumption that the source address of a new connection from a passive-open socket had been verified by a 3-way handshake. This was a critical security issue for applications like RSH which often used source address whitelists.

Note for DNS poisoning cache issue it is more the destination address but the same argument applies...

Regards

[EMAIL PROTECTED]
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
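A toy model of the assumption described in the quoted section 9, added here as an illustration; it is not part of the original mail or of the draft. It contrasts a listener that delivers data only after the 3-way handshake with one that delivers data carried on the SYN. The class and function names, the allowlist and the 192.0.2.10 address are all constructed for the example.

```python
import secrets

ALLOWLIST = {"192.0.2.10"}  # constructed: peers an rsh-like service trusts by address

class Listener:
    """Toy passive-open socket; accept_syn_data=True models T/TCP-style delivery."""
    def __init__(self, accept_syn_data):
        self.accept_syn_data = accept_syn_data
        self.pending = {}    # claimed source address -> ISN sent in our SYN-ACK
        self.delivered = []  # (source, data) handed to the application

    def on_syn(self, src, data=b""):
        isn = secrets.randbits(32)
        self.pending[src] = isn
        if data and self.accept_syn_data:
            self._deliver(src, data)  # handed over before src is verified
        # Otherwise SYN data is discarded (real TCP would queue it until the ACK).
        return isn  # carried in the SYN-ACK, which is routed to the claimed src

    def on_ack(self, src, ack, data=b""):
        isn = self.pending.get(src)
        if isn is None or ack != (isn + 1) % 2**32:
            return False  # sender did not see our SYN-ACK: address unverified
        del self.pending[src]
        if data:
            self._deliver(src, data)
        return True

    def _deliver(self, src, data):
        if src in ALLOWLIST:  # the application's only check is the source address
            self.delivered.append((src, data))

def real_host(listener, src, data):
    isn = listener.on_syn(src)  # the SYN-ACK reaches src, so it learns the ISN
    return listener.on_ack(src, (isn + 1) % 2**32, data)

def forged_source(listener, claimed_src, data):
    # The SYN-ACK goes to claimed_src, not to this sender, so no valid ACK follows.
    listener.on_syn(claimed_src, data)

def delivered_to_app(accept_syn_data):
    listener = Listener(accept_syn_data)
    real_host(listener, "192.0.2.10", b"from real host")
    forged_source(listener, "192.0.2.10", b"from forged source")
    return [data for _, data in listener.delivered]

if __name__ == "__main__":
    print("3-way handshake:", delivered_to_app(False))
    print("data on SYN    :", delivered_to_app(True))
```

With the handshake enforced, only the host that actually receives the SYN-ACK gets data through the address allowlist; with data accepted on the SYN, the allowlist check passes for a source address nobody verified.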