Re: Continuing to draft mux WG charter

From: by way of Henrik Frystyk Nielsen (
Date: Fri, Feb 12 1999

Message-Id: <>
Date: Fri, 12 Feb 1999 06:36:58 -0500
From: Brian E Carpenter <> (by way of Henrik Frystyk Nielsen <>)
Subject: Re: Continuing to draft mux WG charter

I agree with Chris re security, but I have another concern or possibly
a confusion. The draft is written very aggressively to assume TCP
as the substrate; IMHO this is wrong. If a new transport protocol
of the general flavour of T/TCP emerges, MEMUX must be able to use

Another thing I would like to see is a clear goal of being
independent of IPv4 v IPv6, and able to function in a dynamic
address environment such as NAT. In fact this is key to success.


Chris Newman wrote:
> On Wed, 10 Feb 1999, Mike Spreitzer wrote:
> > OK, I've taken Chris Newman's hint and expanded a bit on security, and
> > also Jim Whitehead's hint to clarify the nature of the goals document.
> > You can view the latest draft at:
> > <>
> What I don't find acceptable is wording akin to "security's not our
> problem" which is basically what this proposed charter says.
> Here an example of wording I would find acceptable:
> ----
>    The MEMUX WG will not design new security services.  The document will
>    describe how MEMUX interacts with existing security services (such as
>    IPsec, TLS and SASL) and what impact it will have on higher or
>    lower-level security services.
> ----
> There are subtle issues which need to be dealt with:
> * If user authentication is done below the MEMUX layer, how will
>   higher-level protocols "know" that?
> * If user authentication is done above the MEMUX layer, what
>   damage can passive or active attacks at the MEMUX layer cause?
> * What impact will MEMUX have on firewalls when used to multiplex
>   multiple services on the same port?
> Security most definitely is part of the problem.
>                 - Chris