[tcpm] Re: RFC 5925 Section 6.2 Issue
"Bonica, Ron" <ronald.bonica@hpe.com> Fri, 17 April 2026 11:30 UTC
Return-Path: <ronald.bonica@hpe.com>
X-Original-To: tcpm@mail2.ietf.org
Delivered-To: tcpm@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id D6A14DE3187E for <tcpm@mail2.ietf.org>; Fri, 17 Apr 2026 04:30:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1776425412; bh=2ZmhXNXeFKxc+XjAPEQqqol8wQYS2Hz7svYe7A4qMmU=; h=From:To:CC:Subject:Date:References:In-Reply-To; b=slzUN5Pp2jtC8+EM0gbY6EtAUqTienDTuo4oQwa4rBElA+DF+4ULLmxleebmOw/3s SbQkb4tgsdyZhkY3LLmjc6FfkaLsXM7bONxKlEhg+4Wf68J7m57GEqkDh4CDKFRJTK EA6JBecAWhzzdIHegBjIBjKbhPtfrv8yeKl84xG4=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.794
X-Spam-Level:
X-Spam-Status: No, score=-2.794 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=hpe.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y7CSuX3ejeHq for <tcpm@mail2.ietf.org>; Fri, 17 Apr 2026 04:30:08 -0700 (PDT)
Received: from mx0b-002e3701.pphosted.com (mx0b-002e3701.pphosted.com [148.163.143.35]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 2D70FDE31872 for <tcpm@ietf.org>; Fri, 17 Apr 2026 04:30:06 -0700 (PDT)
Received: from pps.filterd (m0150245.ppops.net [127.0.0.1]) by mx0b-002e3701.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 63HB2m3g555224; Fri, 17 Apr 2026 11:29:59 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hpe.com; h=cc :content-type:date:from:in-reply-to:message-id:mime-version :references:subject:to; s=pps0720; bh=2ZmhXNXeFKxc+XjAPEQqqol8wQ YS2Hz7svYe7A4qMmU=; b=Wu45jwXFBPss/f2DD5nXV4jhmRwW8zklySy5PMEGSo JA/ECkbuRFyrRM10YKOfF1XmwxXZsZ7+aYl5rtXVbuI39v+zOFQxn3Fo2QTH+ugO 2pt0y2V4aC5lowl61b8/HaUzq0O8qiBBhFUw5mQYDQehewMzgwsuP6KKtoXhW56V MxO0lQfeE8QQZns78YWRUmpndFEDOj5XYz8R6nKLYd5vjN9H/v4rRJvejxeytK+J vRkJl6xYdKbFzhVMG01hNj2d4P0A+WK6te5Pm0oppk14MIm0pikRsaJzZ0/nSEw5 tXoOWXLx7+WniCjznCc9b/g95ser/dsOviavrVjrh9Mw==
Received: from p1lg14880.it.hpe.com (p1lg14880.it.hpe.com [16.230.97.201]) by mx0b-002e3701.pphosted.com (PPS) with ESMTPS id 4dkgq1a9ue-1 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Fri, 17 Apr 2026 11:29:58 +0000 (GMT)
Received: from p1wg14926.americas.hpqcorp.net (unknown [10.119.18.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by p1lg14880.it.hpe.com (Postfix) with ESMTPS id BE446801AC0; Fri, 17 Apr 2026 11:29:57 +0000 (UTC)
Received: from p1wg14925.americas.hpqcorp.net (10.119.18.114) by p1wg14926.americas.hpqcorp.net (10.119.18.115) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.17; Thu, 16 Apr 2026 23:29:45 -1200
Received: from P1WG14918.americas.hpqcorp.net (16.230.19.121) by p1wg14925.americas.hpqcorp.net (10.119.18.114) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.17 via Frontend Transport; Thu, 16 Apr 2026 23:29:45 -1200
Received: from BN1PR07CU003.outbound.protection.outlook.com (192.58.206.35) by edge.it.hpe.com (16.230.19.121) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.17; Fri, 17 Apr 2026 11:29:39 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=W2jKo8FdzhwqAm8No2xcUyNmibL4p2BP9ENlIvj2g70hPyQypDcK3whWUWCr/ZiwakqLGw/N7eYiBkMJVG5+TmHoripj4RyPt+M5zvFrgFApO5NCOt6AiHI4/L4zwCRyFoMeUOdk+/jZ8x73PE3w0Lm7hZKJ7uAwsIhXjS8FcmOBHZ0xT1ENSivJWgP0z58PQ9NYKOWUZjiQv6Y3SM5fjQLCcXJgb7oYeZxxYyNbEf9gQCf7fZGBBNrB3pf2NEhTWIvG346tC5pmRr0MaZoYsdDRZdb5RKV48B1qgyCV9y6koKk/OzLUyWE3pXVtlx8Nh66XKkukg0IXUr/oiorCtw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2ZmhXNXeFKxc+XjAPEQqqol8wQYS2Hz7svYe7A4qMmU=; b=B3K/z82uM4NNiaVV6WE5AJTpOWR/aqwqLeD+R2MYDMI+3JqrTUERDQrqN0jTo87W4MsxCE7c5LevbSEPDwnB/BqywZ7juwhSgM/5vsaS+SD96y0zqkFoBKdQZ6zW5yYthOIs/Wg9qAbFJbHoCbeJci+EerTrdvW2R9+f48HKjsR+vsaLfEJ3AP5oJ2qII89w2LVDrruXWhcRfBOyGbTB0UHo0stM8RIEJ5V+VIQitNlKtCcBZZHSS89cFk/RbStHaUiwfwBRGxcS221PUbR3fIhqfavL9NOVrealjrH2nJliUBUhCbomtUvTWJvjaYe2hH9QLEbaXNo5ZTKl18xg4g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=hpe.com; dmarc=pass action=none header.from=hpe.com; dkim=pass header.d=hpe.com; arc=none
Received: from DM4PR84MB2310.NAMPRD84.PROD.OUTLOOK.COM (2603:10b6:8:51::18) by DS0PR84MB3675.NAMPRD84.PROD.OUTLOOK.COM (2603:10b6:8:1ab::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9818.25; Fri, 17 Apr 2026 11:29:36 +0000
Received: from DM4PR84MB2310.NAMPRD84.PROD.OUTLOOK.COM ([fe80::f9b2:4189:25fa:bd66]) by DM4PR84MB2310.NAMPRD84.PROD.OUTLOOK.COM ([fe80::f9b2:4189:25fa:bd66%3]) with mapi id 15.20.9818.023; Fri, 17 Apr 2026 11:29:36 +0000
From: "Bonica, Ron" <ronald.bonica@hpe.com>
To: "touch@strayalpha.com" <touch@strayalpha.com>
Thread-Topic: [tcpm] RFC 5925 Section 6.2 Issue
Thread-Index: AQHczSS864SzlnMErESsGIu8KKkAdbXhHSwAgACnBISAAO3yAIAAaOEL
Date: Fri, 17 Apr 2026 11:29:35 +0000
Message-ID: <DM4PR84MB231066BB10505C1EB9E557B8F4202@DM4PR84MB2310.NAMPRD84.PROD.OUTLOOK.COM>
References: <DM4PR84MB23101CB9D908995A65184C17F4222@DM4PR84MB2310.NAMPRD84.PROD.OUTLOOK.COM> <49EDDD40-4E15-4365-B010-16FBE27C6DCF@strayalpha.com> <DM4PR84MB23106124CB4CBF4A5F4EDFD1F4232@DM4PR84MB2310.NAMPRD84.PROD.OUTLOOK.COM> <16BBD577-6C08-4D48-A1A1-8D185A0D2776@strayalpha.com>
In-Reply-To: <16BBD577-6C08-4D48-A1A1-8D185A0D2776@strayalpha.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DM4PR84MB2310:EE_|DS0PR84MB3675:EE_
x-ms-office365-filtering-correlation-id: 04147596-6d1e-4c11-24db-08de9c749ac4
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|4022899009|366016|376014|1800799024|38070700021|18002099003|56012099003|22082099003|8096899003;
x-microsoft-antispam-message-info: X8OrFgmvuHBiTvOaKBTWTpZkZnZ5CG78OuMo9QkQkCGpZRCzsxcdsTMGRPOTVlJG/sv4527tJ5C7qpFybhArPRckgkrCsQDufLjdFJ7lMX21ut/qEzTg1GxwpTtBG5BfuTBDX73IYKQ4rPFXC/YjoCAemNRmIb+QGTFE5YIhIQbFx1BcvnPlxG3NJt4l8NSnt0Qlt7VJYQdAt07spkRmoKsdvF6Miy4lBi/rlyv7kSdlGqAN62eLkU6087fvNyBOQGLH14g8Kz43cw6cVjrOdNjJ3v/4m0emSg4uLZ77FObl0LtleiY6+MJl75PxIxIP8Ma97IsJBl1WyBqWJ5C8NWSboSJGQuiNd5cOUGbRKT5C9WtWdcoxtgHYJstRfgR7rLpYPFvgNyQGDTsC7ISieke3gkgfRS0piHWR1YDdTMl3HOWFgbJJEXPwbfyUYDa7or3BEQjGoiB96pEH+A2Acb0E6OdSdBVVXvm/+hvQ6a7uZInp3GvwW7keTTLWrhGkiMlN5FiRfJCQs3BHJs8hxlHW74gDmWHzSy+r5XD4gsuFmUAUgfHr7fZCXQ/3yj4XCWFHip1qeaFz46jTug657WPnezUsf66S+xT7e+77v/uZmGwYMpsEBnreW7bUItoEpYUsVa1N5RavdjD8HLUdtpoaPaQiJFWIS67I4tbiNkcpxJJzNcOXan6EbQTI997o4uKhxXtha2vgIzu6523hJe0/rgi1uuLd5so/vapgCURP5okE47uT/UGElXvTuOrgVK3kCNSpxi3f4dlRW18KXgPtO40i4cdhZhISJtZUAmc=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM4PR84MB2310.NAMPRD84.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(4022899009)(366016)(376014)(1800799024)(38070700021)(18002099003)(56012099003)(22082099003)(8096899003);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: QOCVaWUqmEtUo558/k/X4hF2yDjxqZQSvgnMlpqtpDuFBjFmaRbVDLOoIvCq2qDjLU9lOLQsVdPyTIcPNEn+5LW0tTDBfbioxKzI1T0zvM5Vsg0eauCHEbeH7XXX3uQhkUu7SPMGX4IoFbQSOR9eAn2V9s7q0ocldOTmwYK7328TSVzWhsIDsx+kvfzLPxpuA/m50QV/eZn9DuhvQgaHc2nh0FA7H48k6uNl8Qng0/yIePpT70f2KHG23ouNYz+J1XEmgkkmWBtrZtOsd+OJyl7Ufy/8A/R734SYfUQbavEKRc4jLvmu5VoD6IblPUjFPAqJGvdHLNMG2xNusq6s9wAgzbTuwZ6qAwHv7D87QdcwJjkX1M4OHu5+R7ry7V9xywbj+387EBshWfw1suyLNp5406RjiZwkX/jDdqLbl+hiLu5Z1Lahx76p62jNObRjuPKJNnDA7eXwZsze5ociLWZ8DuhL4RVEpq+LKaK/SZyv7l5s1sVzczJ5iBxYS86Yek7TYE2rklmWjZAfdNTAyfZYcPMCGlocQsOSS0BYxPK3v3wzghQWk/gFCIIAinKJrtMqibkQa9eTkd3gbbIZTfSln49tDQdiAaoSBsoYBF1dep1N7EQggMrkf3yCIih8OVCqvC0RycWIat+FtHfhhsqqhX3jmRopnfk7vfE5jVeeUmk5y874z4rPLAfQ0g3UfVw4qMHdwQQv86LjZPYFzpoo/TIHP4uQWynNuDrJua7inAp0f/uYT5KOjoJ9nI5s2IgezQFZqncai3zpZKk8jECFiJAYRxEElexnX1xLVNXXi2r3n+uL9i9osiKj0AAwVSld/IWc30Xm/eNQSKd5SGLxUtkOnWMSyYaYa9ROPFLwq8w8mi7hqgCHt4P3968xHs1sMdaI9b3oClkYXtaVpKFZrROgahJJhHGxD3RVhQnwN8uvmFQz0XBxLPtrrM4WrZTBOYD80y3MFg61ruKgrMK/iEi4ue8QC45fngE/bMgRbFAUi6SNJal8w3Nc1T+/NZ1boc696XM1JBmqm+hFl6kTCSwULeAjPfxyRPVDlVMdI2X7xerfLJuCNe/liqc73Ktf23dZH28/fZLKKS2n+o+pdtfOhjZyvP+CFeT8uh1yu2U8Be/tFka2odbYKtYJhB9hFQCCbahztZxgaXqcEfPAA0a89WYwoXaJ4va5rldBQhGI8Kttnqf5gQZum2nD1p3RAnS/RO2bw7VHGIEPvB9qPry40DA6wu3E5tfycqJ2Y8V8XMmVDM6ad/u6YWAsFQd043sO4T/Z8CS0Bk3PgXBMSmNS+gasHgPOuoYEUjLHDze0tmxQ95nzY7Ywa99ind72isAhlx87to0L/zkIUxeuHk+7ndCGA0koAXOUHaMjgl5Nrsq6dH79GukrMuWzEdi+nb8acYRCl4lOEyEkdBwtbazNjfIhYqNo9mm9E5Hega0/6Lnz0CwrcpfL4t4pe2facRSoq9OO7vYT4jgp1pXD+7yQWM5R1DNotmg+LY8GpUPFnWxWq/i2FVLKqOkLDf5DgGCkVTdABtWafRw5atFifHmiyzWqX4NAVHZ/iy3bq7z+b1ErA1ZdNOs6+40pX70w03QfghfReoMoH1LOTUsxZrdnvWEi8T/y8fa1Hgx2A/OkrPL8JFuLe0n2arXpOAUrRscmFUk1+2QhvCa+WUIn9aa9egC/22knOtSp5gdebwrQjIgCu7eTn1xyMK0h
Content-Type: multipart/alternative; boundary="_000_DM4PR84MB231066BB10505C1EB9E557B8F4202DM4PR84MB2310NAMP_"
MIME-Version: 1.0
X-Exchange-RoutingPolicyChecked: BKpB1RWJRe65AubvlZb8EXfAgO6hHz7ye8wNpZBNC/NIfrEnUtX14yvD4k3uPuWWAhJtn3Y2mUtpdKvTaYfY8ZO2KHAtA5tOyJn5e9BJKa4QeCQluzLH8EkBMmWPg7ptbC2Uh2x1aEocziY7P774OJ5y1IbcwvFj/bfm5igNnU4E1//GZ13a09ggyh/uUXJGPfjxd25uDWmnuR5Jv4FFCYFRQ5rUKnS0jtk5cPa+/HFaJmJrQnGPSJ7S/jzqvHIxWUpHYKqafoXYvxZJumhksSSxSaYWrf5o/wCXEHwOcjDxf7Ajqk8xiIC1Yhh/WQkr61w1tdxPcshIXtG8jQ3XpA==
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM4PR84MB2310.NAMPRD84.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 04147596-6d1e-4c11-24db-08de9c749ac4
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Apr 2026 11:29:35.9243 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 105b2061-b669-4b31-92ac-24d304d195dc
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: oaFnsXXmtP+s/k7TnJlAZYZfaWVtJtrIlNZmKU1jB4dnhaSI11H2Nr4O9GaPPB4NMVLxw40DKTjQyGDgamfg4Q==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR84MB3675
X-OriginatorOrg: hpe.com
X-Proofpoint-GUID: XGVJbUQgaVab5sUt-udpeTHXcrHVhsdk
X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNDE3MDExNSBTYWx0ZWRfX3GAWL8PEMg9B O4eV46F3xsfP3pqBTX2ai+DNwx8X/Ims29U8kd1FpPoOgbjTyJWvUm3iDAyVxoaaxSqGo8iTOgB /qdPgvC2OcFF6pw3DGJ4LruvHkSoAjj7yZowg+9K8QH9rsK8vm1aPy4fgrQwhM0XhvAJpK7m/Yf CyAPupjRk35sFSY8DQKdPxwxGMuhABC2ne6KdD8ysQIiBJtoVzcdj6c14mH4+buKAJrzOqQNPl5 1oEEWfi5sZygD6qIR8F1s5dfeCIFSIPKP9Br5jyP2X3vjQFGw8jvd2WFKISLo09AGw/75grD9/E jnJR5qhrst7LxL4di3s8W3oPcPOQlZRNVp6ETDZPSaZqkscibrME5Z6ep4wnqgMXHc3y0n9cguC v2qaxJx8Uo006x08Hh1Mv0Vpi++8Mk2/AmqlpTU+tLeu9okacMBKyJUMrqh3M5pHIAZC7mPRjmY puDXcZZuf45BrAlswfA==
X-Authority-Analysis: v=2.4 cv=H5DrBeYi c=1 sm=1 tr=0 ts=69e219b6 cx=c_pps a=A+SOMQ4XYIH4HgQ50p3F5Q==:117 a=A+SOMQ4XYIH4HgQ50p3F5Q==:17 a=z/mQ4Ysz8XfWz/Q5cLBRGdckG28=:19 a=lCpzRmAYbLLaTzLvsPZ7Mbvzbb8=:19 a=xqWC_Br6kY4A:10 a=A5OVakUREuEA:10 a=VkNPw1HP01LnGYTKEx00:22 a=gQcMVamqm3wCPoSYhaRC:22 a=6XKncaru_qjgLvANlS_8:22 a=5PjRKeHDAAAA:8 a=MvuuwTCpAAAA:8 a=48vgC7mUAAAA:8 a=x-DIos44hubhodO4DA8A:9 a=lqcHg5cX4UMA:10 a=QEXdDO2ut3YA:10 a=oJcQ2oAKAp2YEis0qNQA:9 a=NRRfviZmNyUTwBy9:21 a=frz4AuCg-hUA:10 a=_W_S_7VecoQA:10 a=JUmZIVAtDGArBY8dChIh:22
X-Proofpoint-ORIG-GUID: XGVJbUQgaVab5sUt-udpeTHXcrHVhsdk
X-HPE-SCL: -1
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-04-17_01,2026-04-16_03,2025-10-01_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 phishscore=0 malwarescore=0 spamscore=0 bulkscore=0 clxscore=1015 priorityscore=1501 impostorscore=0 adultscore=0 suspectscore=0 lowpriorityscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2604070000 definitions=main-2604170115
Message-ID-Hash: OPPF47ONMZT25SBW3ROHQMABOBUKWDDB
X-Message-ID-Hash: OPPF47ONMZT25SBW3ROHQMABOBUKWDDB
X-MailFrom: ronald.bonica@hpe.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tcpm.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "tcpm@ietf.org Extensions" <tcpm@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [tcpm] Re: RFC 5925 Section 6.2 Issue
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/YsHhTC7YGeeFX8ofMD3gjb5o6qw>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpm>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Owner: <mailto:tcpm-owner@ietf.org>
List-Post: <mailto:tcpm@ietf.org>
List-Subscribe: <mailto:tcpm-join@ietf.org>
List-Unsubscribe: <mailto:tcpm-leave@ietf.org>
Joe,
I'm convinced. An errata will do. I will file one.
Ron
________________________________
From: touch@strayalpha.com <touch@strayalpha.com>
Sent: Friday, April 17, 2026 12:54 AM
To: Bonica, Ron <ronald.bonica@hpe.com>
Cc: tcpm@ietf.org Extensions <tcpm@ietf.org>
Subject: Re: [tcpm] RFC 5925 Section 6.2 Issue
There’s already an errata from 2020 that corrects the code once. This is just another bug in the code, effectively.
The intent of the SNE is clear and isn’t changing; what is changing (like in 2020) is the code that generates the intended SNE.
That’s generally considered just a technical errata - it’s not a new MUST, any more than the 2020 fix was. The RFC 9187 code was more robustly vetted than the code from 5925; neither code is a MUST in any sense.
RFC5925 states, correctly:
...The implementation of SNEs is not specified in this document, but one
possible way is described here that can be used for either RCV.SNE,
SND.SNE, or both.
Yes, the description has an error and that should be fixed. But the code in 5925 wasn’t a MUST, nor should the code in 9187 be.
Joe
On Apr 16, 2026, at 9:13 AM, Bonica, Ron <ronald.bonica@hpe.com> wrote:
Joe,
Thanks for writing RFC 9187. I didn't know that it existed.
But I think that we need to give the errata some consideration. Errata scope and backwards compatibility are issues.
The errata will say either:
*
TCP-AO MUST use the algorithm specified in RFC 9187
*
TCP-AO MUST use an algorithm that, given the validation data provided in Section 6 of RFC 9187, generates the same results as the algorithm provided in RFC 9187
Can we add a MUST in an errata? We can tiptoe around the word "MUST", but we cannot tiptoe around the errata intent.
Moreover, it the errata has any impact, it will cause people to change implementations. If they change implementations, there will be a backwards compatibility issue. Granted, the backwards compatibility issue will only be evident in a few corner cases, but there will be a backwards compatibility issue.
Ron
________________________________
From: Joe Touch <touch@strayalpha.com<mailto:touch@strayalpha.com>>
Sent: Thursday, April 16, 2026 12:44 AM
To: Bonica, Ron <ronald.bonica@hpe.com<mailto:ronald.bonica@hpe.com>>
Cc: tcpm@ietf.org<mailto:tcpm@ietf.org> Extensions <tcpm@ietf.org<mailto:tcpm@ietf.org>>
Subject: Re: [tcpm] RFC 5925 Section 6.2 Issue
Errata that points to RFC 9187.
On Apr 15, 2026, at 3:56 PM, Bonica, Ron <ronald.bonica=40hpe.com@dmarc.ietf.org<mailto:ronald.bonica=40hpe.com@dmarc.ietf.org>> wrote:
Folks,
There is a problem in RFC 5925. I am looking for the WG's advice regarding whether we should:
*
Ignore it
*
Fix it with an Errata
*
Fix it with a bis document
According to the RFC:
"TCP uses a 32-bit sequence number, which may, for long-lived connections, roll over and repeat. This could result in TCP segments being intentionally and legitimately replayed within a connection. TCP-AO prevents replay attacks, and thus requires a way to differentiate these legitimate replays from each other, and so it adds a 32-bit Sequence Number Extension (SNE) for transmitted and received segments."
The RFC continues:
"For transmitted segments, SND.SNE can be implemented by extending TCP's sequence number to 64 bits; SND.SNE would be the top (high-order) 32 bits of that number. For received segments, TCP-AO needs to emulate the use of a 64-bit number space and correctly infer the appropriate high-order 32-bits of that number as RCV.SNE from the received 32-bit sequence number and the current connection context.
The implementation of SNEs is not specified in this document, but one possible way is described here that can be used for either RCV.SNE, SND.SNE, or both."
Regardless of how SNEs are implemented, SND.SNE and RCV.SNE must be equal. Otherwise, a legitimate segment fails to authenticate and the TCP session hangs.
We test a scenario where:
*
RCV.SNE is implemented by the pseudocode provided in Section 6.2
*
The following TCP Sequence numbers were processed:
*
0xF7358299 >>>>>RCV.SNE = 0
*
0xF735A57B >>>>>RCV.SNE = 0
*
0xC >>>>>RCV.SNE = 1
*
0xF7358299 >>>>>RCV.SNE = 0
*
0xC >>>>>RCV.SNE = 2
The final RCV.SNE is 2. It should be 1.
If SND.SNE were implemented by extending TCP's sequence number to 64 bits, authentication would fail and the TCP session would hang.
How do we address this problem without creating larger backwards compatibility problems?
Ron
P.S. Thanks to Ping Chen for finding this problem
_______________________________________________
tcpm mailing list -- tcpm@ietf.org<mailto:tcpm@ietf.org>
To unsubscribe send an email to tcpm-leave@ietf.org<mailto:tcpm-leave@ietf.org>
- [tcpm] Re: RFC 5925 Section 6.2 Issue Bonica, Ron
- [tcpm] RFC 5925 Section 6.2 Issue Bonica, Ron
- [tcpm] Re: RFC 5925 Section 6.2 Issue Joe Touch
- [tcpm] Re: RFC 5925 Section 6.2 Issue touch@strayalpha.com
- [tcpm] Re: RFC 5925 Section 6.2 Issue touch@strayalpha.com
- [tcpm] Re: RFC 5925 Section 6.2 Issue Bonica, Ron