W3C home > Mailing lists > Public > ietf-discuss@w3.org > February 1999

Re: Continuing to draft mux WG charter

From: Brian E Carpenter <brian@hursley.ibm.com>
Date: Fri, 12 Feb 1999 09:56:09 +0000
Message-ID: <36C3FAB9.C0D885B2@hursley.ibm.com>
To: Chris Newman <chris@innosoft.com>
CC: Mike Spreitzer <spreitze@parc.xerox.com>, ietf-http-ng@w3.org, discuss@apps.ietf.org
I agree with Chris re security, but I have another concern or possibly
a confusion. The draft is written very aggressively to assume TCP
as the substrate; IMHO this is wrong. If a new transport protocol
of the general flavour of T/TCP emerges, MEMUX must be able to use

Another thing I would like to see is a clear goal of being
independent of IPv4 v IPv6, and able to function in a dynamic
address environment such as NAT. In fact this is key to success.


Chris Newman wrote:
> On Wed, 10 Feb 1999, Mike Spreitzer wrote:
> > OK, I've taken Chris Newman's hint and expanded a bit on security, and
> > also Jim Whitehead's hint to clarify the nature of the goals document.
> > You can view the latest draft at:
> > <http://www.w3.org/Protocols/HTTP-NG/1999/02/mux-Charter-210.html>
> What I don't find acceptable is wording akin to "security's not our
> problem" which is basically what this proposed charter says.
> Here an example of wording I would find acceptable:
> ----
>    The MEMUX WG will not design new security services.  The document will
>    describe how MEMUX interacts with existing security services (such as
>    IPsec, TLS and SASL) and what impact it will have on higher or
>    lower-level security services.
> ----
> There are subtle issues which need to be dealt with:
> * If user authentication is done below the MEMUX layer, how will
>   higher-level protocols "know" that?
> * If user authentication is done above the MEMUX layer, what
>   damage can passive or active attacks at the MEMUX layer cause?
> * What impact will MEMUX have on firewalls when used to multiplex
>   multiple services on the same port?
> Security most definitely is part of the problem.
>                 - Chris
Received on Friday, 12 February 1999 04:58:59 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:37:59 UTC