Subject: Re: Enabling TCP RFC 1948
To: None <tech-net@NetBSD.org>
From: Elad Efrat <elad@NetBSD.org>
List: tech-net
Date: 10/16/2006 00:45:17
Steven M. Bellovin wrote:

> I'm not sure what the issue is.  I suspect it's
> http://www.cert.org/advisories/CA-2001-09.html and the paper it's based on,
> http://www.thenewsh.com/~newsham/random-increments.pdf -- that identifies
> some possible remaining issues with 1948 code.  The problem is that
> "better" fixes have the potential of breaking TCP correctness.
> 
> Anyway -- the proposal on the table isn't to make 1948 mode the default;
> it's to make a sysctl available to let people who want it turn it on.
> Even if you agree with the issues in that paper, the paper itself notes
> that 1948 mode is much better than doing nothing.

Makes sense; Rui, can you please add the sysctl knob?

-e.

-- 
Elad Efrat
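
Added illustration, not part of the original message and not NetBSD's code: RFC 1948 computes ISN = M + F(localhost, localport, remotehost, remoteport), with F a keyed MD5 and M the 4-microsecond clock. The sketch shows why this keeps sequence numbers monotonic per connection tuple (the TCP correctness concern above) while giving each remote peer an unrelated offset. The hash input byte layout, the secret and the addresses are constructed assumptions.

```python
import hashlib
import socket
import struct

TICK_HZ = 250_000  # RFC 793 ISN clock: one tick every 4 microseconds


def clock_m(seconds: float) -> int:
    """M in RFC 1948: the 32-bit, 4-microsecond ISN timer."""
    return int(seconds * TICK_HZ) & 0xFFFFFFFF


def offset_f(secret: bytes, laddr: str, lport: int, raddr: str, rport: int) -> int:
    """F(localhost, localport, remotehost, remoteport): keyed MD5, cut to 32 bits.
    The packing of the tuple into bytes is an assumption of this sketch."""
    conn_id = (socket.inet_aton(laddr) + struct.pack("!H", lport)
               + socket.inet_aton(raddr) + struct.pack("!H", rport))
    digest = hashlib.md5(conn_id + secret).digest()
    return struct.unpack("!I", digest[:4])[0]


def isn_rfc1948(secret, now, laddr, lport, raddr, rport) -> int:
    """ISN = M + F, modulo 2**32."""
    return (clock_m(now) + offset_f(secret, laddr, lport, raddr, rport)) & 0xFFFFFFFF


def seq_delta(a: int, b: int) -> int:
    """Distance from a to b in 32-bit sequence space."""
    return (b - a) & 0xFFFFFFFF


# Constructed sample values: documentation address ranges and a fixed secret.
SECRET = b"constructed-boot-secret"
SERVER = ("192.0.2.10", 80)
CLIENT_A = ("198.51.100.7", 40000)
CLIENT_B = ("203.0.113.9", 40000)


def demo() -> dict:
    t0, t1 = 1000.0, 1000.5
    a0 = isn_rfc1948(SECRET, t0, *SERVER, *CLIENT_A)
    a1 = isn_rfc1948(SECRET, t1, *SERVER, *CLIENT_A)
    b0 = isn_rfc1948(SECRET, t0, *SERVER, *CLIENT_B)
    # Same tuple: ISN advances exactly with the clock. Other tuple: keyed offset.
    return {"same_tuple_advance": seq_delta(a0, a1),
            "cross_tuple_gap": seq_delta(a0, b0)}


if __name__ == "__main__":
    print(demo())
```

The cross-tuple gap is constant over time, so a peer that observes its own ISNs learns the clock but not another peer's offset unless it knows the secret.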