Technical Summary
This document is a description of the sorts of off-path spoofing
attacks that TCP is vulnerable to and the various existing
proposed mitigations of those attacks. It is a fairly detailed
discussion of the attacks and forms a good basis for addressing
the problems in TCP as well as starting the discussion for other
protocols. More practically, it can be used by designers and
implementors to decide which of these strategies are appropriate
for their situation.
Working Group Summary
The draft came into being primarily because the author was
concerned that a new draft addressing these vulnerabilities did
not adequately address prior work or present alternatives to
that draft's solutions. Eventually, those concerns were
separated into this draft, which the group believes has
pedagogical and practical value.
Document Quality
The document has been endorsed pretty universally by the working
group as being complete and well written.
Personnel
Document Shepherd: Ted Faber <faber@isi.edu>
Responsible AD: Lars Eggert <lars.eggert@nokia.com>
Note to RFC Editor
On page 8, replace:
57,000 RSTs with suitably spaced sequence number guesses
with:
57,000 RSTs with suitably spaced sequence number guesses within one
round trip time
On page 9, Fig 2, replace the heading:
BW*delay
with:
Receive Buffer Size