Re: [tcpm] SYN/ACK Payloads, draft 01

"Adam Langley" <> Thu, 14 August 2008 01:27 UTC


On Wed, Aug 13, 2008 at 6:01 PM, Joe Touch <> wrote:
> I'm wondering why an implementation in user space would expect to find
> out anything about a TCP connection that hadn't finished handshaking,
> i.e., the accept call above (AFAIR) ought to return only after the end
> of the three-way handshake (I'll have to dig out my Stevens book to
> confirm, though):

Absolutely, accept() only returns after the 3-way has completed.

Note that the draft only requires that the stack be able to configure
a static payload. Additionally, it suggests that it should be able to
insert some random bytes in there for cryptographic protocols that
need it.

Thus, the kernel is able to send the SYN/ACK (with payload) without
any application involvement. Thus, all the application needs to find
out, after an accept(), is whether the kernel echoed the SYNACK Payload
Permitted option. If it did, then the server knows that its SYNACK
payload was sent and the data from the client will be a tagged
structure that I don't actually define in the draft (since it's not
anything to do with TCP). Otherwise, the option wasn't echoed, in which
case the protocol continues as normal.


Adam Langley
tcpm mailing list
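
A toy model of the flow described in the message above, added here as an illustration; it is not code from the draft or from any TCP stack. All class, field and option names are hypothetical, and it assumes the client offers the option in its SYN and the server kernel echoes it in the SYN/ACK.

```python
import secrets
from dataclasses import dataclass, field

# Hypothetical label; the message gives no option kind number.
OPT_SYNACK_PAYLOAD_PERMITTED = "synack-payload-permitted"

@dataclass
class Segment:
    flags: frozenset
    options: frozenset = frozenset()
    payload: bytes = b""

@dataclass
class Connection:
    synack_payload_sent: bool   # the one fact the application reads after accept()
    synack_payload: bytes

@dataclass
class ServerStack:
    """Listening side: the application configures it once, then only calls accept()."""
    static_payload: bytes
    random_len: int = 0         # random bytes appended for cryptographic protocols
    _half_open: dict = field(default_factory=dict)
    _accept_queue: list = field(default_factory=list)

    def on_segment(self, peer, seg):
        if seg.flags == {"SYN"}:
            permitted = OPT_SYNACK_PAYLOAD_PERMITTED in seg.options
            payload = b""
            if permitted:   # kernel builds the payload with no application involvement
                payload = self.static_payload + secrets.token_bytes(self.random_len)
            self._half_open[peer] = Connection(permitted, payload)
            opts = frozenset({OPT_SYNACK_PAYLOAD_PERMITTED}) if permitted else frozenset()
            return Segment(frozenset({"SYN", "ACK"}), opts, payload)
        if seg.flags == {"ACK"} and peer in self._half_open:
            # Three-way handshake complete: only now can accept() return it.
            self._accept_queue.append(self._half_open.pop(peer))
        return None

    def accept(self):
        return self._accept_queue.pop(0) if self._accept_queue else None

def handshake(stack, peer, client_options):
    """Run SYN, SYN/ACK, ACK; return (synack, accept() before ACK, accept() after ACK)."""
    synack = stack.on_segment(peer, Segment(frozenset({"SYN"}), frozenset(client_options)))
    before_ack = stack.accept()
    stack.on_segment(peer, Segment(frozenset({"ACK"})))
    return synack, before_ack, stack.accept()
```

When `synack_payload_sent` is true the application treats the client's data as the tagged structure; when it is false it runs the protocol as normal.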