Date: Tue, 13 Aug 2019 16:28:30 -0400 (EDT)
From: "David P. Reed"
To: "Michael Richardson"
Cc: "Dave Taht", "ECN-Sane"
Subject: Re: [Ecn-sane] cautionary tcp tale
In-Reply-To: <24857.1565714380@localhost>
Message-ID: <1565728110.2365220@apps.rackspace.com>
List-Id: Discussion of explicit congestion notification's impact on the Internet

I'm of a mind to suggest an RFC specifically reiterating that non-endpoints MUST never modify the content part of any IP datagrams, ever, with the exception of the TCP and UDP extended routing header (the ports), and that solely for the purpose of implementing NAT as defined in the NAT standard.

I think Vint Cerf and I would be happy to be co-authors, maybe along with Dave Clark, Noel Chiappa, and a crew of original Internet Protocol designers.

I had thought this was a well-understood invariant, core to the design of the entire Internet.

Part of the reason, but certainly not all of it, was that we all intended that the content within the IP datagram contents would be treated as sacrosanct, as if encrypted by a key unknown to the network.

We could not require end-to-end encryption because of ITAR rules at the time. But it is absolutely clear that NOTHING in the network transport system was expected to attempt to understand or to modify those bits until they reached the destination, unchanged.

It wasn't just a "good idea", it was a design requirement.

On Tuesday, August 13, 2019 12:39pm, "Michael Richardson" said:

> Thanks.
> Also a good story as to why middle boxes should stay away from mangling
> packets without an audit trail.