DCCP specification updates

On 3/15/06, Eddie Kohler <kohlercs.ucla.edu> wrote:
> Hi all,
>
> We have proofread the DCCP spec in detail for AUTH48,
and have found a number
> of technical nits.  There was one thing that I wanted
to mention explicitly
> before AUTH48 ends.
>
> We propose to change the default value of the Allow
Short Sequence Numbers
> feature to 0.
>
> Recap: DCCP sequence numbers can be either long (48
bits) or short (24 bits).
>   Short sequence numbers save header space, but leave
connections at greater
> risk for attack (and sequence number wrapping).
>
> It seems like stack implementations should default to
long sequence numbers,
> since this is safe, and allow short sequence numbers
only if a connection is
> known to be data-limited.  We can indicate this in the
spec by setting Allow
> Short Seqnos's default to 0.
>
> Quick comments OK.

FYI: The Linux implementation doesn't even support short
sequence numbers
currently, haven't checked the NetBSD one.

- Arnaldo

> FYI: The Linux implementation doesn't even support
short sequence numbers
> currently, haven't checked the NetBSD one.
> 
> - Arnaldo

An even better reason to make 0 the default.  Thanks!

E

From: "Arnaldo Carvalho de Melo" <acmeghostprotocols.net>
Subject: Re: [dccp] DCCP specification updates
Date: Wed, 15 Mar 2006 14:56:19 -0300
Message-ID:
<39e6f6c70603150956v3ab13503yd30fad71d1bbd81bmail.gmail.com>

 > On 3/15/06, Eddie Kohler <kohlercs.ucla.edu> wrote:
 > > Hi all,
 > >
 > > We have proofread the DCCP spec in detail for
AUTH48, and have found a number
 > > of technical nits.  There was one thing that I
wanted to mention explicitly
 > > before AUTH48 ends.
 > >
 > > We propose to change the default value of the
Allow Short Sequence Numbers
 > > feature to 0.
 > >
 > > Recap: DCCP sequence numbers can be either long
(48 bits) or short (24 bits).
 > >   Short sequence numbers save header space, but
leave connections at greater
 > > risk for attack (and sequence number wrapping).
 > >
 > > It seems like stack implementations should
default to long sequence numbers,
 > > since this is safe, and allow short sequence
numbers only if a connection is
 > > known to be data-limited.  We can indicate this
in the spec by setting Allow
 > > Short Seqnos's default to 0.
 > >
 > > Quick comments OK.
 > 
 > FYI: The Linux implementation doesn't even support
short sequence numbers
 > currently, haven't checked the NetBSD one.

The KAME implementaion includes minimal support for short
seqeunce number.
If the shortseq variable in dccpcb is set to 1, DCCP tries
to use
short sequecen number. However, no function to set the
variable is implemented yet..
So, the proposal is quite OK.

Thanks,
--
Yoshifumi Nishida
nishidacsl.sony.co.jp