Update to RFC793's TCP sequence number validation checks

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Update to RFC793's TCP sequence number validation checks

Fernando Gont-2

Dave Borman and me have posted an IETF Internet-Draft
that fixes an existing bug in the RFC 793 TCP sequence number validation
checks (which, if not fixed can lead to interoperability and/or security

The proposed fix has been implemented in open source stacks (yes,
including OpenBSD) for many years, so we're essentially just updating
the specs accordingly (to reflect the real world, and fix the bug).

The IETF's TCPM working group chairs wanted to to some reviews of this
(very short) Internet-Draft before it is adopted as a working group item.

If you have a few minutes, please take a look, and post your
comments/review to <[hidden email]> (and make sure to CC me). This will
be of much help, and having feedback from the implementers' community
would be really valuable.


Best regards,
Fernando Gont
SI6 Networks
e-mail: [hidden email]
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

Fernando Gont
e-mail: [hidden email] || [hidden email]
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1