Path: utzoo!utgpu!watserv1!watmath!att!linac!pacific.mps.ohio-state.edu!zaphod.mps.ohio-state.edu!samsung!uunet!mstar!mstar.morningstar.com!bob From: bob@MorningStar.Com (Bob Sutterfield) Newsgroups: comp.protocols.tcp-ip Subject: Re: TCP Spoofing... Message-ID: Date: 9 Jan 91 14:29:12 GMT References: <9101080645.AA05302@uh.msc.umn.edu> Sender: usenet@MorningStar.COM (USENET Administrator) Reply-To: bob@MorningStar.Com (Bob Sutterfield) Organization: Morning Star Technologies Lines: 19 In-Reply-To: tjs@MSC.EDU's message of 8 Jan 91 06:45:58 GMT In article <9101080645.AA05302@uh.msc.umn.edu> tjs@MSC.EDU (Tim Salo) writes: I suspect that discussions of whether the customer should be allowed to determine the significance of TCP acknowledgements (allow spoofing) or whether only protocol gurus can make this decision (disallow spoofing) falls into the realm of religion. (I vote to let the customer decide.) The customer is welcome to do whatever {s}he likes, and may indeed invent a very pleasant and workable reliable datastream protocol. Such a protocol may turn out to be widely liked by the worldwide networking community, and its inventor lauded as a sage with manifest vision and wisdom. It may turn out to be a commercial success, enabling the inventor to retire in comfort to whatever palm tree-covered tropical island paradise {s}he might care to purchase. (Note that this latter seems to be the goal of many religion inventors.) But if it can be spoofed (read: doesn't depend upon the sanctity of end-to-end ACKs), then it's not RFC793 TCP.