Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!rutgers!ucla-cs!zen!ucbvax!LBL-CSAM.ARPA!van
From: van@LBL-CSAM.ARPA (Van Jacobson)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: IP options implementation
Message-ID: <8707041529.AA24545@lbl-csam.arpa>
Date: Sat, 4-Jul-87 11:29:49 EDT
Article-I.D.: lbl-csam.8707041529.AA24545
Posted: Sat Jul 4 11:29:49 1987
Date-Received: Sat, 4-Jul-87 20:08:31 EDT
Sender: daemon@ucbvax.BERKELEY.EDU
Distribution: world
Organization: The ARPA Internet
Lines: 31

>Why didn't Berkeley implement the security option? Those of us selling systems
>to the DOD need to add it anyway and it would probably be nice if a common
>implementation across all users of 4.3BSD TCP existed. Why do I care? The
>security option requires some user space changes to programs like FTP and
>TELNET besides just kernel changes.

The part of the security option ftp & telnet need is implemented in 4.3.
User level programs can stick a security option on any TCP, UDP or IP
socket. The option will be tacked onto every IP datagram sent on that
socket. The code to do this looks something like

	/* format a legal security option in a 12 byte array */
	ipopt[IPOPT_OPTVAL] = IPOPT_SECURITY;
	ipopt[IPOPT_OLEN] = 11;
	...
	ipopt[11] = IPOPT_NOP;	/* pad */

	/* put the option on socket "s" */
	if (setsockopt(s, IPPROTO_IP, IP_OPTIONS, ipopt, 12) < 0)
		perror("setsockopt:ipopt:");

On the incoming side, 4.3 ip ignores the security option and 4.3 tcp
discards it. But the option is passed intact up to the tcp layer and it
would be trivial to change tcp_input to process it. (If you were trying
to make a secure Unix, you'd be re-writing the kernel. This change would
be the least of your worries and, anyway, it couldn't be done until the
rest of the system security model was in place.)

 - Van
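The sketch above elides the body of the option. As an added example (not Van's code), the block below fills in the 11-byte layout from RFC 791 (type 130, length 11, then the S, C, H and TCC fields), pads it to 12 bytes with a NOP as the post does, attaches it to a UDP socket with IP_OPTIONS, and includes the kind of receive-side length check a tcp_input that processed the option would need. The function names are ours; the 0xd788 S-field code for Secret is RFC 791's, and a kernel that does not recognize option type 130 may reject the setsockopt for an unprivileged process, which perror will report.

```c
#include <stdio.h>
#include <stdint.h>
#include <unistd.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netinet/ip.h>

#define SEC_LEVEL_SECRET 0xd788 /* RFC 791 S-field code for "Secret" */
#define SEC_OPT_LEN 11          /* RFC 791: the security option is always 11 bytes */

/* Format a legal RFC 791 security option into a 12 byte array (11 option
 * bytes plus one NOP pad, as in the post).  Returns the array length. */
int build_security_option(unsigned char ipopt[12], uint16_t sec,
                          uint16_t compartments, uint16_t handling, uint32_t tcc)
{
    ipopt[IPOPT_OPTVAL] = IPOPT_SECURITY;                           /* type 130 */
    ipopt[IPOPT_OLEN]   = SEC_OPT_LEN;
    ipopt[2] = sec >> 8;           ipopt[3] = sec & 0xff;           /* S: level */
    ipopt[4] = compartments >> 8;  ipopt[5] = compartments & 0xff;  /* C: compartments */
    ipopt[6] = handling >> 8;      ipopt[7] = handling & 0xff;      /* H: handling */
    ipopt[8] = (tcc >> 16) & 0xff; ipopt[9] = (tcc >> 8) & 0xff;    /* TCC: 24 bits */
    ipopt[10] = tcc & 0xff;
    ipopt[11] = IPOPT_NOP;                                          /* 32-bit pad */
    return 12;
}

/* Receive-side check of the kind tcp_input would need: walk an option list and
 * return the S field of a well-formed security option, or -1 if it is absent,
 * truncated, or carries a length other than 11. */
int parse_security_option(const unsigned char *opts, int len)
{
    for (int i = 0; i < len; ) {
        unsigned char type = opts[i];
        if (type == IPOPT_EOL) break;
        if (type == IPOPT_NOP) { i++; continue; }
        if (i + 1 >= len || opts[i + 1] < 2 || i + opts[i + 1] > len) return -1;
        if (type == IPOPT_SECURITY)
            return opts[i + 1] == SEC_OPT_LEN ? (opts[i + 2] << 8) | opts[i + 3] : -1;
        i += opts[i + 1];
    }
    return -1;
}

int main(void)
{
    unsigned char ipopt[12];
    int n = build_security_option(ipopt, SEC_LEVEL_SECRET, 0, 0, 0);
    int s = socket(AF_INET, SOCK_DGRAM, 0);      /* any TCP, UDP or IP socket works */
    if (s < 0 || setsockopt(s, IPPROTO_IP, IP_OPTIONS, ipopt, n) < 0)
        perror("setsockopt:ipopt:");
    printf("S field read back: 0x%04x\n", parse_security_option(ipopt, n));
    return s >= 0 ? close(s) : 1;
}
```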