Defending TCP Against Spoofing Attacks
RFC 4953

Approval announcement
Draft of message to be sent after approval:

From: The IESG 
To: IETF-Announce 
Cc: Internet Architecture Board ,
    RFC Editor , 
    tcpm mailing list , 
    tcpm chair 
Subject: Document Action: 'Defending TCP Against Spoofing 
         Attacks' to Informational RFC 

The IESG has approved the following document:

- 'Defending TCP Against Spoofing Attacks '
    as an Informational RFC

This document is the product of the TCP Maintenance and Minor Extensions 
Working Group. 

The IESG contact persons are Lars Eggert and Magnus Westerlund.

A URL of this Internet-Draft is:

Technical Summary

	This document is a description of the sorts of off-path spoofing
	attacks that TCP is vulnerable to and the various existing 
	proposed mitigations of those attacks.  It is a fairly detailed
	discussion of the attacks and forms a good basis for addressing
	the problems in TCP as well as starting the discussion for other
	protocols.  More practically, it can be used by designers and
	implementors to decide which of these strategies are appropriate
	for their situation.

Working Group Summary

	The draft came in to being primarily because the author was
	concerned that a new draft addressing these vulnerabilities did
	not adequately address prior work or present alternatives to
	that draft's solutions.  Eventually, those concerns were
	separated into this draft, which the group believes has
	pedagogical and practical value.

Document Quality
	The document has been endorsed by the working group as being
	complete and well written pretty universally.

	Document Shepherd: Ted Faber 
	Responsible AD: Lars Eggert 

Note to RFC Editor
   On page 8, replace:

      57,000 RSTs with suitably spaced sequence number guesses


      57,000 RSTs with suitably spaced sequence number guesses within one

      round trip time

   On page 9, Fig 2, replace the heading:



      Receive Buffer Size