[tcpm] Protocol Action: 'Improving TCP's Robustness to Blind In-Window Attacks' to Proposed Standard

The IESG <iesg-secretary@ietf.org> Tue, 18 May 2010 16:50 UTC

Return-Path: <wwwrun@core3.amsl.com>
X-Original-To: tcpm@ietf.org
Delivered-To: tcpm@core3.amsl.com
Received: by core3.amsl.com (Postfix, from userid 30) id 7E5723A6C65; Tue, 18 May 2010 09:50:51 -0700 (PDT)
X-idtracker: yes
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Message-Id: <20100518165051.7E5723A6C65@core3.amsl.com>
Date: Tue, 18 May 2010 09:50:51 -0700
Cc: tcpm chair <tcpm-chairs@tools.ietf.org>, tcpm mailing list <tcpm@ietf.org>, Internet Architecture Board <iab@iab.org>, RFC Editor <rfc-editor@rfc-editor.org>
Subject: [tcpm] Protocol Action: 'Improving TCP's Robustness to Blind In-Window Attacks' to Proposed Standard
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 May 2010 16:50:51 -0000

The IESG has approved the following document:

- 'Improving TCP's Robustness to Blind In-Window Attacks '
   <draft-ietf-tcpm-tcpsecure-13.txt> as a Proposed Standard

This document is the product of the TCP Maintenance and Minor Extensions Working Group. 

The IESG contact person is Lars Eggert.

A URL of this Internet-Draft is:

Technical Summary:

  This document examines the fact that long term TCP connections that
  have well known source and destination addresses are vulnerable to
  attack by the injection of bogus RST, SYN or data packets by guessing
  sequence numbers that fall into the current window of the connection.
  It provides three mitigation strategies that can be used to reduce the
  chance that an attacker can be successful with these spoofed segments.

Working Group Summary

  The working group saw that there was a fair amount of experience
  with these mitigation strategies; two of them are very simple, and
  one is a bit more involved.  The WG felt that this document is a
  SHOULD for devices that are susceptible to these types of attacks,
  and a MAY for other implementations.  These changes are not needed
  for correct TCP operation, but reduce the chance that a spoofed
  packet will be accepted as valid.

Document Quality

  The document was reviewed for quality by a fair number of TCPM
  WG members.  There already exist several implementations of these
  strategies, and there are not any known interoperability issues
  with TCP implementations that do not have these changes.


  David Borman (david.borman@windriver.com) is the document shepherd.
  Lars Eggert (lars.eggert@nokia.com) reviewed the document for the IESG.