draft-ietf-tcpimpl-prob-04.txt

[Vern Paxson <vern@ee.lbl.gov>]

The -04 version of the Known Problems I-D was just submitted.  The
substantive changes are the addition of 7 new problem descriptions:

	Uninitialized CWND
	Extra additive constant in congestion avoidance
	Initial RTO too low
	Failure of window deflation after loss recovery
	Failure to back off retransmission timeout
	Retransmission sends multiple packets
	Options missing from TCP MSS calculation

These take care of all of the "serious" problems noted in
draft-ietf-tcpimpl-needdoc-00.txt as needing documentation.

The remaining problems noted as needing documentation are:

	Security:
		Predictable initial sequence number
		Ameliorating SYN flooding
		The Land attack
		spoofed MTU discovery (not in the I-D, but pointed
			out subsequently)
		spoofed RSTs (not in the I-D, but mentioned in the past)

	"Less serious"
		Failure to set PSH when send buffer drains
		Failure to ack above-sequence data

A new one that has since been mentioned is:

	sending RST in response to SYN when listen queue full

-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Bill Fisher has volunteered to work on a security problems I-D, though he
won't have cycles for this for a few weeks so it will certainly miss
tomorrow's I-D cutoff.  That should take care of the remaining serious
pending problems.

Please review the new problem descriptions in the I-D (text for them in the
next message).  Our view is that once those problem descriptions are ironed
out, then we should call the Known Problems I-D as Done; or perhaps also
document the "sending RST in response to SYN ...", as that's a fairly
serious one.  We don't see the above "Less serious" problems as worth
holding up the document.  We'd certainly like to hear other opinions
(and volunteers) regarding these.

		Mark & Vern